Install and configure the web server – Hub

Install and configure the web server ensuring that the system can communicate with the RabbitMQ Message Broker.

The process consists of the following steps:

  1. Install IIS
  2. Configure SSL Certificates
  3. Install the .NET Core components
  4. Install Blue Prism Hub

The default host names provided in the procedures below are only suitable for a standalone environment, such as a test environment. Your organization’s DNS and Domain structures must be considered when choosing host names in your installation. However, the first part of the default host name must not be changed; you can only change the .local part of the host name.

Instructional videos on how to install the prerequisite software and Blue Prism Hub are available from: https://bpdocs.blueprism.com/video/installation.htm.

Install IIS

The system requires IIS Web Server and the .NET Core components to be installed.

It is important that IIS is installed prior to installing the .NET Core components and Blue Prism Hub. The IIS features and roles are automatically installed as part of the Blue Prism Hub installation.

Scripted installation

Run the command below using the PowerShell command prompt:

Copy
Install-WindowsFeature -name Web-Server -IncludeManagementTools

To watch this installation step, see our IIS installation video.

Configure SSL certificates

During the installation process you will be asked for the SSL certificates for the websites that are being set up. Depending on your infrastructure and IT organization security requirements, this could be an internally created SSL certificate or a purchased certificate to protect the websites.

The installer can be run without the certificates being present, though for the sites to operate, the bindings in the IIS websites will need to have valid SSL certificates present.

The table below details the required SSL certificates.

Website in IIS

Default URL (example only)

Websites with a user interface for use by end-users

Blue Prism – Authentication Server

https://authentication.local

Blue Prism – Hub

https://hub.local

Websites for use by the application only (services)

Blue Prism – Email Service

https://email.local

Blue Prism – Audit Service

https://audit.local

Blue Prism – File Service

https://file.local

Blue Prism – Notification Center

https://notification.local

Blue Prism – License Manager

https://license.local

Blue Prism – SignalR

https://signalr.local

The default URLs shown above are only suitable for a standalone environment, such as a test environment. Your organization’s DNS and Domain structures must be considered when choosing host names for your installation. However, the first part of the default host name must not be changed; you can only change the .local part of the host name.

Self-signed certificates

Self-signed certificates can be used but are only recommended for Proof of Concept (POC), Proof of Value (POV) and Development environments. For production environments, use certificates from your organization's approved certificate authority. It is recommended that you contact your IT Security team to check what their requirements are.

To generate a self-signed certificate:

  1. Run PowerShell as an administrator and use the following command, replacing [Website] and [ExpiryYears] with appropriate values:

    Copy
    New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "[Website].local" -FriendlyName "MySiteCert[Website]" -NotAfter (Get-Date).AddYears([ExpiryYears])

    For example:

    Copy
    New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "authentication.local" -FriendlyName "MySiteCertAuthentication" -NotAfter (Get-Date).AddYears(10)

    This example creates a self-signed certificate called MySiteCertAuthentication in the Personal Certificates store, with the Subject authentication.local and is valid for 10 years from the point of creation.

  2. Open the Manage Computer Certificates application on your web server (type manage computer into the search bar).
  3. Copy and paste the certificate from Personal > Certificates to Trusted Root Certification > Certificates.

  4. Repeat this process for each website.

Create an offline certificate request

To create an offline certificate request, for each certificate follow this procedure:

  1. Open the Manage Computer Certificates application on your web server (type managed computer into the search bar).
  2. Right-click Personal > Certificates and select All Tasks > Advanced Operations > Create Custom Request from the shortcut menu.

    The Certificate Enrollment wizard displays.

  3. Click Next.

  4. Select Proceed without enrollment policy and click Next.
  5. On the Custom request screen, click Next.

  6. On the Certificate Information screen, click the Details drop-down and click Properties.

  7. On the General tab in the Certificate Properties dialog, enter a friendly name and description based on the website this certificate will be applied to.
  8. On the Subject tab change the subject name type to Common name, enter the website URL in the Value field and click Add.

    The CN (common name) will display in the right-hand panel.

  9. On the Extensions tab, click Extended Key Usage, select Server Authentication and click Add.
  10. On the Private Key tab, click Key options, select a key size of your choice and select Make private key exportable.
  11. Still on the Private Key tab, click Hash Algorithm and select a suitable Hash (optional).
  12. Click OK.

    You are returned to the Certificate Enrollment screen.

  13. Click Next.
  14. Add a file name and path and click Finish.

After creating your certificate request, you will need to submit it to a Certificate Authority so they can process your request and issue a certificate. The certificate request is a text file. Usually, you are required to copy the text from the file and enter it into an online submission form on the Certificate Authority website. You will need to contact your Certificate Authority directly for instructions on the process for submitting your certificate request.

Install .NET Core Components

The .NET Core components must be downloaded and installed.

Step

Details

Video

1

Download the following components and store them in a temporary location, for example, C:\temp:

2

To install the .NET dependencies, run each of the following commands using the PowerShell command prompt, waiting until each completes, before running the next command:

Copy
start-process "C:\temp\dotnet-hosting-3.1.3-win.exe" /q -wait
start-process "C:\temp\windowsdesktop-runtime-3.1.3-win-x64.exe" /q -wait
start-process "C:\temp\vcredist_x64.exe" /q -wait
start-process "C:\temp\NDP472-KB4054531-Web.exe" /q -wait

Ensure the file path matches the location where the files were stored in step 1.

To watch this installation step, see our .NET installation video.

Install Blue Prism Hub

Before you install Blue Prism Hub:

  • If you have purchased ALM or Interact, you will need your Customer ID during this Hub installation. This can be found in the email that was sent to you when you purchased ALM or Interact.
  • If you are reinstalling Blue Prism Hub after previously using and removing it, and the same database names are to be used, it is recommended that the databases should be cleared of any old data before re‑installing.

To watch the Hub installation and configuration process, see our Blue Prism Hub installation video.

The steps below detail the process for installing the Blue Prism Hub software. This includes the Authentication Server, Hub, and other associated services. The installation process will create any new databases that are required.

Download and run the Blue Prism Hub installer, available from the Blue Prism Portal, and progress through the installer as shown below. The installer must be run with administrator rights.

Step

Installer page

Details

1

Welcome

Click Next.

2

License agreement

Read the End-User License Agreement and if you agree to the terms, select the check box.

3

Prerequisites 1 – Server components

The installer checks that the prerequisites have been installed. Those that are not installed are identified. You cannot proceed until all the prerequisites are installed.

If there are uninstalled prerequisites, cancel the installer and install the missing components before restarting the installer. Otherwise, proceed with the installation.

4

Prerequisites 2 – RabbitMQ

Enter the server name or IP address of the Message Broker server and the credentials of the user you created.

The default message queuing port is 5672. This should only be changed if the default ports have been changed by your IT support organization.

Click Test connection to verify connectivity. A notification will display the result of the test. You will only be able to move on to the next step if the test is successful. If the test failed, see Troubleshoot a Hub installation for further details.

5

Destination folder

Specify the required installation folder. The default location is C:\Program Files (x86)\Blue Prism, but you can choose your own using the Change button.

6

Authentication Server SQL connection

Configure the settings for the Authentication Server database by providing the SQL Server host name or IP address, and the credentials for the account to create the database:

  • If Windows Authentication is selected, the account must have the appropriate permissions. See Windows Authentication for further information.
  • If SQL Authentication is selected, enter the username and password.

Click Test connection to proceed to test the SQL credentials and verify connectivity.
A notification will display the result of the test. You will only be able to move on to the next step if the test is successful. If the test failed, see Troubleshoot a Hub installation for further details.

7

Authentication Server IIS setup

Configure IIS for the Authentication Server website. You need to:

  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

8

Hub SQL connection

Configure the settings for the Hub database by providing the SQL Server host name or IP address, and the credentials for the account to create the database:

  • If Windows Authentication is selected, the account must have the appropriate permissions. See Windows Authentication for further information.
  • If SQL Authentication is selected, enter the username and password.

The database name can be left as the default value or changed as required.

Click Test connection to proceed to test the SQL credentials and verify connectivity.
A notification will display the result of the test. You will only be able to move on to the next step if the test is successful. If the test failed, see Troubleshoot a Hub installation for further details.

9

Hub IIS setup

Configure the Hub website. You need to:

  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

10

Email Service SQL connection

Configure the settings for the Email Service database by providing the SQL Server host name or IP address, and the credentials for the account to create the database:

  • If Windows Authentication is selected, the account must have the appropriate permissions. See Windows Authentication for further information.
  • If SQL Authentication is selected, enter the username and password.

The database name can be left as the default value or changed as required.

Click Test connection to proceed to test the SQL credentials and verify connectivity.
A notification will display the result of the test. You will only be able to move on to the next step if the test is successful. If the test failed, see Troubleshoot a Hub installation for further details.

11

Email Service IIS setup

Configure the Email Service website.

You need to:
  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

12

Audit SQL connection configuration

Configure the settings for the Audit database by providing the SQL Server host name or IP address, and the credentials for the account to create the database:

  • If Windows Authentication is selected, the account must have the appropriate permissions. See Windows Authentication for further information.
  • If SQL Authentication is selected, enter the username and password.

The database name can be left as the default value or changed as required.

Click Test connection to proceed to test the SQL credentials and verify connectivity.
A notification will display the result of the test. You will only be able to move on to the next step if the test is successful. If the test failed, see Troubleshoot a Hub installation for further details.

13

Audit Service IIS setup

Configure the Audit Service website.

You need to:
  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

14

File Service IIS setup

Configure the File Service website.

You need to:
  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

15

Distributed Cache SQL connection

Configure the settings for the Cache database by providing the SQL Server host name or IP address, and the credentials for the account to create the database:

  • If Windows Authentication is selected, the account must have the appropriate permissions. See Windows Authentication for further information.
  • If SQL Authentication is selected, enter the username and password.

The database name can be left as the default value or changed as required.

Click Test connection to proceed to test the SQL credentials and verify connectivity.
A notification will display the result of the test. You will only be able to move on to the next step if the test is successful. If the test failed, see Troubleshoot a Hub installation for further details.

16

Notification Center SQL connection

Configure the settings for the Notification Center database by providing the SQL Server host name or IP address, and the credentials for the account to create the database:

  • If Windows Authentication is selected, the account must have the appropriate permissions. See Windows Authentication for further information.
  • If SQL Authentication is selected, enter the username and password.

The database name can be left as the default value or changed as required.

Click Test connection to proceed to test the SQL credentials and verify connectivity.
A notification will display the result of the test. You will only be able to move on to the next step if the test is successful. If the test failed, see Troubleshoot a Hub installation for further details.

17

Notification Center IIS setup

Configure the Notification Center website.

You need to:
  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

18

License Manager SQL connection

Configure the settings for the License Manager database by providing the SQL Server host name or IP address, and the credentials for the account to create the database:

  • If Windows Authentication is selected, the account must have the appropriate permissions. See Windows Authentication for further information.
  • If SQL Authentication is selected, enter the username and password.

The database name can be left as the default value or changed as required.

Click Test connection to proceed to test the SQL credentials and verify connectivity.
A notification will display the result of the test. You will only be able to move on to the next step if the test is successful. If the test failed, see Troubleshoot a Hub installation for further details.

19

License Manager IIS setup

Configure the License Manager website.

You need to:
  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

20

SignalR IIS setup

Configure the SignalR website.

You need to:
  • Enter a site name.
  • Enter a host name in lowercase characters – This will be used as the URL for the site. The first part of the default host name must not be changed. You can only change the .local part of the host name. Ensure that you consider your DNS and Domain structure when choosing a host name.

    The use of uppercase characters in URLs is not supported.

  • Enter the port number.
  • Select the appropriate SSL certificate.
  • Leave Start Website selected, unless you do not want the website to automatically start at the end of the installation.

21

Enter your Customer Id

Enter your customer identifier. This identifier is supplied to you by Blue Prism when you receive your product license for ALM or Interact.

If you have not purchased a licensed plugin, you can enter your own value.

If you later purchase a licensed plug, your customer ID will need to be changed within the configuration file. For more information, see Troubleshoot a Hub installation.

22

Blue Prism API URL (Optional)

If required, enter the URL for the Blue Prism API. This URL is essential if you want to use the Control Room plugin. The Control Room plugin is compatible with Blue Prism 7.0 or later.

If you decide to use the Control Room plugin and you have not entered a URL at this point, you will need to update the configuration file. For more information, see Troubleshoot a Hub installation.

23

Ready for Installation

Click Next to install Hub.

24

Installation complete

If the installation fails, the View Log option gives details of the error that was encountered. For more information, see Troubleshoot a Hub installation.