WFO

Avaya Contact Recorder

Linux Installation Cheat Sheet

Initial Draft 20/12/2011 P.Sullivan

Contents
Installing ACR on Linux ............................................................................................................................ 2
Using the Command Line (files on DVD) ............................................................................................... 2
Using the Command Line (rpm files copied to server) .......................................................................... 5
To upgrade an ACR on a Linux System ..................................................................................................... 7
Applying Patches to an ACR on a Linux System ........................................................................................ 9
To Delete ACR off a Linux System .......................................................................................................... 13
Java Virtual Machine ............................................................................................................................. 14
Cheat-sheet on setup of certificates for ACR .......................................................................................... 15
For ACR 10.1 (Extract from DTR) ........................................................................................................ 15
For ACR 10.1.2 ................................................................................................................................... 17

Page 1 of 19
Installing ACR on Linux

Using the Command Line (files on DVD)

1. Log on at the terminal prompt as User; root Password; ContactStore

2. Insert the ACR installation/upgrade DVD
3. It may be necessary to create the /mnt/cdrom mount point using the command
mkdir /mnt/cdrom
This creates a folder for you to mount the DVD files into

4. Mount the installation DVD (replace iso version/dev/cdrom with your device name if different)
mount –r –t acr.iso /dev/cdrom /mnt/cdrom

5. Enter the command

cd /mnt/cdrom

This should match the mkdir/mnt/cdrom directory created previously

6. Navigate to the directory into which you have mounted the ACR files

cd /mnt/cdrom

7. Run the command below to list all the files currently in the directory

ls

Page 2 of 19
8. Install the ACR by entering the command below – replacing xx with the build number as notified in
the release notes.

rpm –Uvh ––nodeps cscm-11.0-xx.i586.rpm

Note: --nodeps is needed only for 32bit OS systems; remove for 64bit OS systems

To find out what version of Operating System (32 or 64 bit) is installed use the following command;

getconf LONG_BIT

9. Upgrade the Java Virtual Machine by entering the appropriate command below (do not install
both). See Java Virtual Machine in this document for further information.

rpm –Uvh jre-6u29-linux-amd64.rpm (64 bit)

rpm –Uvh jre-6u29-linux-i586.rpm (32 bit)

Page 3 of 19
10. Enter the command

cd /root

11. Eject and unmount the DVD by entering the command

eject

12. Delete the folder at the following directory /opt/witness/tomcat6/work

and also /opt/witness/tomcat5* (if it exists)
13. Enter the command

service cscm start

This starts the ACR service

14. Now open a web browser and log on to;

http://ipAddressOfServer:8080

user: admin

password: admin

Page 4 of 19
Using the Command Line (rpm files copied to server)

1. Log on at the terminal prompt as User; root Password; ContactStore

2. Copy the cscm rpm files to the server

Place the cscm files into a folder, i.e create a folder called something appropriate i.e. (ACR
11.0) in the temp directory and copy the files into it.

3. Navigate to the directory into which you have copied the rpm files

/temp/ACR 11.0

4. Run the command below to list all the files currently in the directory

ls

5. Install the application by entering the command below – replacing xx with the build number as
notified in the release notes (or just hit the tab key after typing cscm)

rpm –Uvh ––nodeps cscm-11.0-xx.i586.rpm

Note: --nodeps is needed only for 32bit OS systems, remove for 64bit

To find out what version of Operating System (32 or 64 bit) is installed use the following command;

getconf LONG_BIT

6. Upgrade the Java Virtual Machine by entering the appropriate command below (do not install both).
See Java Virtual Machine in this document for further information.

7. Delete the folder /opt/witness/tomcat6/work and /opt/witness/tomcat5* (if it exists)

Page 5 of 19
8. Enter the command

service cscm start

This starts the ACR service

9. Now open a web browser and log on to;

http://ipAddressOfServer:8080

user: admin

password: admin

Page 6 of 19
To upgrade an ACR on a Linux System

It is good practice to delete any previous versions off a system before installing a new version; this also
applies for the Java Virtual Machine. This saves space on the drive and also makes the system cleaner.

1. Log on at the terminal prompt as User; root Password; ContactStore

2. Copy the cscm rpm files to the server

Place the cscm files into a folder, i.e create a folder called something appropriate i.e. (ACR
11.0) in the temp directory and copy the files into it.

3. Navigate to the directory into which you have copied the rpm files

/temp/ACR 11.0

4. Run the command below to stop the ACR services

service cscm stop

5. To find the previous version of ACR that is installed you can run entering the following command

rpm –qa cscm

6. To uninstall the previous version of ACR use the following command, followed by version number
rpm –e version name number

i.e. rpm –e cscm-11.0-0drop5f

7. Install the ACR by navigating to the directory where the files were copied and then enter the
command below – replacing xx with the build number as notified in the release notes (or just hit the
tab key after typing cscm)

Page 7 of 19
 rpm –Uvh ––nodeps cscm-11.0-xx.i586.rpm

Note: --nodeps is needed only for 32bit OS systems, remove for 64bit

To find out what version of Operating System (32 or 64 bit) is installed use the following command;

getconf LONG_BIT

8. Upgrade the Java Virtual Machine by entering the appropriate command below (do not install both).
See Java Virtual Machine in this document for further information.

9. Delete the folder /opt/witness/tomcat6/work and /opt/witness/tomcat5* (if it exists)

10. Enter the command

service cscm start

This starts the ACR service

11. Now open a web browser and log on to;

http://ipAddressOfServer:8080

user: admin

password: admin

Page 8 of 19
Applying Patches to an ACR on a Linux System

1. A patch file for an ACR consists of three files;

ROOT.war
cscmmain.jar
cscmres.jar

To apply patches onto a Linux ACR system you must first stop the ACR services by running the
command below;

service cscm stop

2. Navigate to the opt folder and click into the witness folder; this is where the ACR files and
properties are installed.

Page 9 of 19
3. You will then need to click into the tomcat folder.

4. The first of the files that needs to be replaced is the ROOT.war file which is found in the webapps
folder.

Page 10 of 19
5. Delete the existing ROOT.war file and then copy in the new one from the new patch that you
are installing.

6. Next you need to apply the cscmmain.jar and the cscmres.jar files. Both of these are in the lib
folder located in tomcat.

Page 11 of 19
7. Delete the existing files and copy in the two news files from the new patch that you are
installing.

8. You are done. Now restart the ACR services with command below

service cscm start

Page 12 of 19
To Delete ACR off a Linux System

To delete an ACR installation off a Linux system you must first find the cscm version.

Use this command;

rpm –qa cscm

Then use the following command to stop the cscm service.

service cscm stop

To uninstall the ACR use the following command.

rpm –e (version name and number)

Example: rpm –e cscm-11.0-0drop5f

Page 13 of 19
Java Virtual Machine

Upgrade the Java Virtual Machine by entering the appropriate command below (do not install both)

You can just upgrade the Java Virtual Machine but it is cleaner and saves disk space by
deleting older versions.

To find out what version of Java in installed on your system enter the command;

rpm –qa jre

This will tell you the version which is installed.

To then delete previous versions use the following command;

rpm –e version name number goes

example: rpm –e jre-1.6.0_29-fcs

To find out what version Operating System (32 or 64 bit) is installed use the following command;

getconf LONG_BIT

Upgrade the Java Virtual Machine with the following commands depending on your version of OS

rpm –Uvh jre-6u29-linux-amd64.rpm (64 bit)

rpm –Uvh jre-6u29-linux-i586.rpm (32 bit)

Page 14 of 19
Cheat-sheet on setup of certificates for ACR

For ACR 10.1 (Extract from DTR)

AACC Certificate Management Impacts on ACR

Under normal conditions, the ACR application works with the AES platform by using default
certificates which enables TLS operation. TLS operation is implicit as part of the named licensing
implementation for ACR on the AES.
However, the current installation procedure for AACC requires that an additional CA Root
certificate and associated Signed Certificate are installed on the AES server. The impact of this
change is that it temporarily breaks the existing default mechanism used by ACR and AES.
Therefore it is necessary to import the Root Certificate from the same CA (Certificate Authority)
used by the AACC into the ACR.
You must import the root cert into ACR 10.1 using 2 separate steps for TSAPI and DMCC as follows:

Step1: Import the Root Certificate into the ACR for TSAPI
The default installation of ACR has a default Root certificate file avayaprca.pem which enables TLS
communication between the ACR and the AES (Application Enablement Server) without the need
for any explicit certificate configuration, so that ACR works “out if the box”. We need to modify this
file so that it contains the Root Certificate that is used by AACC.
We need to replace the contents of the file called avayaprca.pem in the /opt/witness/keystore
folder
Firstly, navigate to /opt/witness/keystore and make a backup of the file avayaprca.pem
Go to the AES Server and navigate to Security>Certificate Management>CA Trusted Certificates.
Select the new CA Root Certificate that was added as part of the AACC installation via the associated
tick box as shown in the diagram below. In this example, the CA Root Cert is labeled IPCRCARoot.

Now click on the Export button and you will be presented with a window that contains the CA Root
cert in a textual format

Page 15 of 19
Copy the entire contents of this text (including the -----BEGIN CERTIFICATE and END CERTIFICATE
lines) and paste it into the file avayaprca.pem (located in the /opt/witness/keystore folder) on the
ACR, using your editor of choice. Ensure that no characters are missing, or extra characters are
added during this process.
Then, save the avayaprca.pem with this new content.
At this stage, the ACR TSAPI link will now happily connect to an AES that is deployed with
Certificates generated by the AACC Certificate Authority, but note that ACR BUT WILL NO LONGER
connect to a regular AES which has just the default Certificates ( i.e. No AACC CA-generated
certificates)

Step2: Import the Root Certificate into the ACR for DMCC
There is a keystore located in the ACR in /opt/witness/keystore called dmccssl.jks
We need to add the same CA Root Certificate to this Key store.
Navigate to the folder /opt/witness/keystore
Now run the following linux command:
/usr/java/latest/bin/keytool -import -alias xxxxx -file avayaprca.pem -keystore dmccssl.jks
where xxxxx is an alias describing the entry you are adding to the keystore. An alias is specified
when you add an entity to the keystore using the the -import subcommand to add a certificate or
certificate chain to the list of trusted certificates. Subsequent keytool commands must use this same
alias to refer to the entity.
The keytool will now prompt for the keystore password, which is Contact5tor3.
Finally, is it necessary to ensure that the AES TSAPI Service Identifier(s) in the General Setup menu
on the ACR Viewer X configuration screen is configured for the secure service (using the “-S”
option) . For example, use AVAYA#IPCRCM1#CSTA-S#IPCRAES1 for the secure option (rather than
AVAYA#IPCRCM1#CSTA#IPCRAES1 for the non-secure option)
Now, the ACR DMCC link will happily connect to an AES that is deployed with the Certificates
generated by the AACC Certificate Authority, and will also connect to a regular AES which has just

Page 16 of 19
the default Certificates (i.e. No AACC CA-generated certificates). Note that this is different behavior
to TSAPI.
For the purposes of an AES that is deployed with the Certificates generated by the AACC Certificate
Authority, both TSAPI and DMCC links to ACR should now be operational.
A restart of the ACR Call Recording Service is recommended after the above procedures have been
completed.

For ACR 10.1.2

Step1: Import the Root Certificate into the ACR for TSAPI and DMCC

In ACR 10.1.2, single certificate file suffices for both TSAPI and DMCC

Go to the AES Server and navigate to Security>Certificate Management>CA Trusted Certificates.

Select the new CA Root Certificate that was added as part of the AACC installation via the associated
tick box as shown in the diagram below. In this example, the CA Root Cert is labeled IPCRCARoot.

Now click on the Export button and you will be presented with a window that contains the CA Root
cert in a textual format

Page 17 of 19
Copy the entire contents of this text (including the -----BEGIN CERTIFICATE and END CERTIFICATE
lines) and paste it into the save it in a test file, perhaps "IPCRCARoot.pem" using your editor of
choice. Ensure that no characters are missing, or extra characters are added during this process.
Save this file and Copy to “/opt/witness/keystore/cacerts” directory on the ACR.

Next step is to remove the dmcc.trustall=true entry for acr.properties file and restart the ACR Call
Recording Service. Both TSAPI and DMCC links to ACR should now be operational.

Page 18 of 19