Install and configure the web server – Hub

Before installing the SS&C | Blue Prism® Hub web server, ensure you have read the information in Hub install preparation.

Install and configure the web server ensuring that the system can communicate with the RabbitMQ Message Broker.

The process consists of the following steps:

  1. Install IIS
  2. Configure SSL Certificates
  3. Install the .NET Core components
  4. Install Blue Prism Hub

Install IIS

The system requires IIS Web Server and the .NET Core components to be installed.

It is important that IIS is installed prior to installing the .NET Core components and Blue Prism Hub. The IIS features and roles are automatically installed as part of the Blue Prism Hub installation.

Scripted installation

Run the command below using the PowerShell command prompt:

Copy
Install-WindowsFeature -name Web-Server -computerName localhost

As part of the Blue Prism Hub installation, the following are installed:

Configure SSL certificates

During the installation process you will be asked for the SSL certificates for the websites that are being set up. Depending on your infrastructure and IT organization security requirements, this could be an internally created SSL certificate or a purchased certificate to protect the websites.

The installer can be run without the certificates being present, though for the sites to operate, the bindings in the IIS websites will need to have valid SSL certificates present.

The table below details the required SSL certificates.

Website in IIS

Default URL (example only)

Websites with a user interface for use by end-users

Blue Prism – IMS

https://ims.local

Blue Prism – Hub

https://hub.local

Websites for use by the application only (services)

Blue Prism – Email Sender

https://email.local

Blue Prism – Audit Service

https://audit.local

Blue Prism – File Service

https://file.local

Self-signed certificates

Self-signed certificates can be used but are only recommended for Proof of Concept (POC), Proof of Value (POV) and Development environments. For production environments, use certificates from your organization's approved certificate authority. It is recommended that you contact your IT Security team to check what their requirements are.

To generate a self-signed certificate:

  1. Run PowerShell as an administrator and use the following command, replacing [Website] and [ExpiryYears] with appropriate values:

    Copy
    New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "[Website].local" -FriendlyName "MySiteCert[Website]" -NotAfter (Get-Date).AddYears([ExpiryYears])

    For example:

    Copy
    New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "ims.local" -FriendlyName "MySiteCertIMS" -NotAfter (Get-Date).AddYears(10)

    This example creates a self-signed certificate called MySiteCertIMS in the Personal Certificates store, with the Subject ims.local and is valid for 10 years from the point of creation.

  2. Open the Manage Computer Certificates application on your web server (type manage computer into the search bar).
  3. Copy and paste the certificate from Personal > Certificates to Trusted Root Certification > Certificates.

  4. Repeat this process for each website.

Create an offline certificate request

To create an offline certificate request, for each certificate follow this procedure:

  1. Open the Manage Computer Certificates application on your web server (type managed computer into the search bar).
  2. Right-click Personal > Certificates and select All Tasks > Advanced Operations > Create Custom Request from the shortcut menu.

    The Certificate Enrollment wizard displays.

  3. Click Next.

  4. Select Proceed without enrollment policy and click Next.
  5. On the Custom request screen, click Next.

  6. On the Certificate Information screen, click the Details drop-down and click Properties.

  7. On the General tab in the Certificate Properties dialog, enter a friendly name and description based on the website this certificate will be applied to.
  8. On the Subject tab change the subject name type to Common name, enter the website URL in the Value field and click Add.

    The CN (common name) will display in the right-hand panel.

  9. On the Extensions tab, click Extended Key Usage, select Server Authentication and click Add.
  10. On the Private Key tab, click Key options, select a key size of your choice and select Make private key exportable.
  11. Still on the Private Key tab, click Hash Algorithm and select a suitable Hash (optional).
  12. Click OK.

    You are returned to the Certificate Enrollment screen.

  13. Click Next.
  14. Add a file name and path and click Finish.

After creating your certificate request, you will need to submit it to a Certificate Authority so they can process your request and issue a certificate. The certificate request is a text file. Usually, you are required to copy the text from the file and enter it into an online submission form on the Certificate Authority website. You will need to contact your Certificate Authority directly for instructions on the process for submitting your certificate request.

Install .NET Core Components

The .NET Core components must be downloaded and installed.

Install Blue Prism Hub

Before you install Blue Prism Hub:

  • If you are reinstalling Blue Prism Hub after previously using and removing it, and the same database names are to be used, it is recommended that the databases should be cleared of any old data before re‑installing.

The steps below detail the process for installing the Blue Prism Hub software. This includes the Identify Management System (IMS), Hub, and other associated services. The installation process will create any new databases that are required.

Download and run the Blue Prism Hub installer, available from the Blue Prism Portal, and progress through the installer as shown below. The installer must be run with administrator rights.

Step

Installer page

Details

1

Welcome

2

License agreement

Read the End-User License Agreement and if you agree to the terms, select the check box.

3

Prerequisites 1 – Server components

The installer checks that the prerequisites have been installed. Those that are not installed are identified. You cannot proceed until all the prerequisites are installed.

If there are uninstalled prerequisites, cancel the installer and install the missing components before restarting the installer. Otherwise, proceed with the installation.

4

Prerequisites 2 – RabbitMQ

Enter the server name or IP address of the Message Broker server and the credentials of the user you created.

The default message queuing port is 5672. This should only be changed if the default ports have been changed by your IT support organization.

Click Test connection to verify connectivity. A notification will display the result of the test. You will only be able to move on to the next step if the test is successful. If the test failed, see Troubleshoot a Hub installation for further details.

5

Destination folder

Specify the required installation folder. The default location is C:\Program Files (x86)\Blue Prism, but you can choose your own using the Change button.

6

IMS SQL connection

Configure the settings for the IMS database by providing the SQL Server host name or IP address, and the credentials for the account to create the database:

  • If Windows Authentication is selected, the account must have the appropriate permissions. See Windows Authentication for further information.
  • If SQL Authentication is selected, enter the username and password.

    You must ensure that your database password does not contain an equals sign (=), semi‑colon (;), or speech marks ("). These characters are not supported, and will lead to issues when trying to connect to the database.

Click Test connection to proceed to test the SQL credentials and verify connectivity.
A notification will display the result of the test. You will only be able to move on to the next step if the test is successful
. If the test failed, see Troubleshoot a Hub installation for further details.

7

IMS IIS setup

Configure IIS for the IMS website. You need to:

  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

8

Hub SQL connection

Configure the settings for the Hub database by providing the SQL Server host name or IP address, and the credentials for the account to create the database:

  • If Windows Authentication is selected, the account must have the appropriate permissions. See Windows Authentication for further information.
  • If SQL Authentication is selected, enter the username and password.

    You must ensure that your database password does not contain an equals sign (=), semi‑colon (;), or speech marks ("). These characters are not supported, and will lead to issues when trying to connect to the database.

The database name can be left as the default value or changed as required.

Click Test connection to proceed to test the SQL credentials and verify connectivity.
A notification will display the result of the test. You will only be able to move on to the next step if the test is successful
. If the test failed, see Troubleshoot a Hub installation for further details.

9

Hub IIS setup

Configure the Hub website. You need to:

  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

10

Email Sender IIS setup

Configure the Email Sender website.

You need to:
  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

11

Audit SQL connection configuration

Configure the settings for the Audit database by providing the SQL Server host name or IP address, and the credentials for the account to create the database:

  • If Windows Authentication is selected, the account must have the appropriate permissions. See Windows Authentication for further information.
  • If SQL Authentication is selected, enter the username and password.

    You must ensure that your database password does not contain an equals sign (=), semi‑colon (;), or speech marks ("). These characters are not supported, and will lead to issues when trying to connect to the database.

The database name can be left as the default value or changed as required.

Click Test connection to proceed to test the SQL credentials and verify connectivity.
A notification will display the result of the test. You will only be able to move on to the next step if the test is successful
. If the test failed, see Troubleshoot a Hub installation for further details.

12

Audit Service IIS setup

Configure the Audit Service website.

You need to:
  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

13

File Service IIS setup

Configure the File Service website.

You need to:
  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

14

Distributed Cache SQL connection

Configure the settings for the Cache database by providing the SQL Server host name or IP address, and the credentials for the account to create the database:

  • If Windows Authentication is selected, the account must have the appropriate permissions. See Windows Authentication for further information.
  • If SQL Authentication is selected, enter the username and password.

    You must ensure that your database password does not contain an equals sign (=), semi‑colon (;), or speech marks ("). These characters are not supported, and will lead to issues when trying to connect to the database.

The database name can be left as the default value or changed as required.

Click Test connection to proceed to test the SQL credentials and verify connectivity.
A notification will display the result of the test. You will only be able to move on to the next step if the test is successful
. If the test failed, see Troubleshoot a Hub installation for further details.

15

Enter your Customer Id

Enter your customer identifier. This identifier is supplied to you by Blue Prism when you receive your product license for ALM or Interact.

If you have not purchased a licensed plugin, you can enter your own value.

16

Ready for Installation

Click Next to install Hub.

17

Installation complete

If the installation fails, the View Log option gives details of the error that was encountered. For more information, see Troubleshoot a Hub installation.