Tenon Intersystems Please see text links at bottom of page for navigation Please see text links at bottom of page for navigation
Please see text links at bottom of page for navigation Please see text links at bottom of page for navigation
Please see text links at bottom of page for navigation
Google
Search this site:



FAQ
Program name: iTools 9
  • 1. Installing, Upgrading or Removing
    • 1.1 Installing or Upgrading
    • 1.2 Backing up before an upgrade
    • 1.3 Uninstalling
    • 1.4 Installing additional packages
    • 1.5 iTools 9.0.5 and Snow Leopard
    • 1.6 Moving Firewall Settings to a new iTools Setup
    • 1.7 Moving iTools from PPC to Intel
    • 1.8 Moving iTools from one machine to another
    • 1.9 Installing Lasso 9
  • 2. Security
    • 2.1 Multiple SSL certs on the same sever
    • 2.2 Using my SSL cert for iTools Admin
    • 2.3 Generating 2048-bit CERTS
    • 2.4 Creating a Secure Virtual Host
  • 3. Administration
    • 3.1 Subadministration
    • 3.2 Subadministration Limitations
    • 3.3 Using Server Side Includes
    • 3.4 Log Reports
    • 3.5 Reinstalling "admin" user to iTools
  • 4. FTP
    • 4.1 FTP - Passive Port Range
    • 4.2 Uploading .htaccess files
    • 4.3 Unnecessary Folders Created
  • 5. PHP
    • 5.1 PDO MySQL Library
    • 5.2 php.ini
  • 6. MySQL
    • 6.1 Upgrading MySQL
  • 7. WebDNA
    • 7.1 Installing WebDNA
1. Installing, Upgrading or Removing
1.1. Installing or Upgrading
Question:
What do I need to consider when installing iTools?
Answer:
If this is a new installation, just make sure you have the correct package for your processor (Intel or PPC) and that you are running either Mac OS X Tiger (10.4) or Leopard (10.5).

If this is an upgrade, make sure you have iTools 8.2.x previously installed and make a back up of the Tenon directory.

1.2. Backing up before an upgrade
Question:
What is the best way to back up the Tenon directory?
Answer:
The recommended way is via a UNIX 'tar' command. This ensures that the ownership and permissions of all the files and directories are kept intact. Once you have a tar file (.tgz), you can move that file to a safe location by any means you like (for example dragging it to a backup disk).

As root (or using sudo):
cd /Library
tar czvf ~/Desktop/Tenon.tgz Tenon

If you want to restore the Tenon directory, use these commands:

cd /Library
tar xzvf ~/Desktop/Tenon.tgz

1.3. Uninstalling
Question:
How do I uninstall iTools?
Answer:
You must use the iTools GUI Uninstaller. This can be downloaded from the iTools download page:
http://www.tenon.com/products/itools/done.html

When iTools is installed, it makes certain changes to your system. The scripts in the Uninstaller will restore your system to its pre-iTools state.

1.4. Installing additional packages
Question:
I installed iTools, but it doesn't seem to include PHP. How do I add PHP support?
Answer:
The iTools core package includes Apache, FTP and DNS. Other capabilities (e.g. PHP, MySQL) are delivered in separately installable packages. See the iTools download page for open source add-ons:
http://www.tenon.com/products/itools/done.html

1.5. iTools 9.0.5 and Snow Leopard
Question:
Your web site says that iTools 9.0.5 is Snow compatible. I was running iTools 9.0.5 and upgraded to Snow and now iTools doesn't work. What gives?
Answer:
Snow Leopard removes /var/log/httpd, a directory that Apache's mod_rewrite needs. When you install 9.0.5, we recreate that deleted directory. So you need to install 9.0.5 *after* installing Snow Leopard. In your case a reinstall of iTools 9.0.5 will fix your site.

1.6. Moving Firewall Settings to a new iTools Setup
Question:
I installed iTools on a new machine. I'd like to have the same Firewall settings I had on the old iTools machine. Where are the Firewall settings stored?
Answer:
The settings for the iTools Firewall are in /Library/Tenon/System/Scripts/Firewall. You can move the Firewall file to your new iTools installation, making sure you keep the ownership and permissions intact. Then reboot the new server for the Firewall settings to take effect.

1.7. Moving iTools from PPC to Intel
Question:
I have a new machine. How can I move iTools from my old PowerPC machine to my new Intel box?
Answer:
The instructions for moving iTools from PPC to Intel are a little complicated, because you can only move portions of the PPC installation to the Intel box. On the other hand, if you are changing machines, but keeping the same processor, the entire Tenon folder can be moved intact.


First, install iTools and associated packages on the new machine and verify that iTools AdminServer and WebServer are running.

Second, backup data from the old machine and move tar images to new machine, as described below.

The backup should include (as applicable):
a. WebSites data
sudo tcsh
cd /Library/Tenon/WebServer/
tar czvf /Library/Tenon/WebSites.tgz WebSites
tar czvf /Library/Tenon/Configuration.tgz Configuration

b. Logs
tar czvf /Library/Tenon/WebServer/Logs.tgz Logs
cd /Library/Tenon/WebLog
tar czvf /Library/Tenon/webLogCron.tgz webLogCron

c. MySQL databases (if using MySQL)
If you are already running MySQL 5.x on the PPC:
cd /Library/Tenon/MySQL
tar czvf /Library/Tenon/MySQL-var.tgz var

If you are still running MySQL 4.x on the PPC:
Export databases using the mysqldump command.
(See MySQL documentation.)

d. DNS records (if you are hosting DNS)
cd /Library/Tenon/DNSServer
tar czvf /Library/Tenon/Configuration.tgz Configuration

These steps (a thru d) create .tgz files in /Library/Tenon on the old machine. Moving .tgz files preserves the ownership and permissions. Move all the 'tgz' files from /Library/Tenon on the old machine to /Library/Tenon on the new machine. Then follow the instructions below to untar the various elements (your configuration and web content) to the correct locations on the new machine.

a. WebSites data
sudo tcsh
cd /Library/Tenon/WebServer/
mv WebSites WebSites-ORIG
tar xzvf /Library/Tenon/WebSites.tgz
mv Configuration Configuration-ORIG
tar xzvf /Library/Tenon/Configuration.tgz

b. Logs
tar xzvf /Library/Tenon/Logs.tgz
cd /Library/Tenon/WebLog
mv webLogCron webLogCron-ORIG
tar xzvf /Library/Tenon/webLogCron.tgz

c. MySQL databases (if using MySQL)
If you are already running MySQL 5.x on the PPC:
cd /Library/Tenon/MySQL
mv var var-ORIG
tar xzvf /Library/Tenon/MySQL-var.tgz var

If you are still running MySQL 4.x on the PPC:
Import databases using the mysqldump command.
(See MySQL documentation.)
d. DNS records (if you are hosting DNS)
cd /Library/Tenon/DNSServer
mv Configuration Configuration-ORIG
tar xzvf /Library/Tenon/Configuration.tgz

Restart the WebServer on new machine. Test web sites and verify that they are working properly.

When testing is complete, change hostname and IP address of new machine (if necessary).





1.8. Moving iTools from one machine to another
Question:
I am moving to a new machine, but I am not changing processors. Is the move less complicated?
Answer:
Yes. You can simply tar the Tenon directory and move then entire Tenon directory intact to the new iTools installation on your new machine. Here are the steps:

Install iTools and associated packages on the new machine. Verify that iTools AdminServer and WebServer are running.

On the old machine, as root simply:
cd /Library
tar czvf ~/Desktop/Tenon.tgz Tenon

(This creates a Tenon.tgz on your Desktop. Move that tar image to the new machine.)

Shutdown WebServer on new machine and, as root, restore the backed up data to new machine, as follows:

cd /Library
tar xzvf ~/Desktop/Tenon.tgz

Restart WebServer on new machine. Test web sites and verify that they are working properly.

When testing is complete, change hostname and IP address of new machine (if necessary).



1.9. Installing Lasso 9
Question:
I have iTools 9.0.5 and Lasso 9 installed on my machine. How do I make Lasso run with iTools Apache?
Answer:
Add the following line to your Apache configuration file (/Library/Tenon/WebServer/Configuration/httpd.conf):

Include "/etc/apache2/users/lasso9.apache2.conf"

Restart Apache.
Wait about five seconds for Lasso 9 to start up and then go to the Lasso Server Administration found at /lasso9/admin on your domain, e.g. http://www.example.com/lasso9/admin



2. Security
2.1. Multiple SSL certs on the same sever
Question:
I have multiple virtual hosts on the same machine, and I would like to have each use it's own SSL Certificate. Is this possible?
Answer:
SSL Certificates are per IP address. You will need to set up the virtual hosts with different certificates on different IP addresses (or ports). This is part of the http/ssl protocol, the ssl certificate is checked before the http host header is sent, hence ssl certificates must be the same for all sites on a given IP address.

2.2. Using my SSL cert for iTools Admin
Question:
Is it possible to use my real SSL certificate for the iTools Admin console, instead of the self-signed cert that Tenon provides?
Answer:
Yes. If your machine is named the same as the virtual host that you are using to share the cert, then you can use your existing SSL certificate for the iTools Admin on port 85.

Just copy the real CA signed certificate to:
/Library/Tenon/WebServer/Configuration/ssl.crt/admin-server.crt

You also need to copy the private key file to:
/Library/Tenon/WebServer/Configuration/ssl.keys/admin-server.key

This will eliminate the complaints from new browsers about "unofficial" certs.

2.3. Generating 2048-bit CERTS
Question:
I have created a CSR according to the manual. When pasting it into GoDaddys request certificate window I get an error saying it is not a valid CSR. GoDaddy stipulates that the CSR must have minimum 2048 bit key length. Is there a solution for this problem?

Answer:
The latest iTools 9.0.5 does generate 2048 bit CSRs, however if you already have a 1024-bit CSR from an older version of iTools, you will have to rename the existing .csr and .crt files in the ssl.crt folder (/Library/Tenon/WebServer/Configuration/ssl.crt) . In addition, rename the existing key in /Library/Tenon/WebServer/Configuration/ssl.keys. Once those files are out of the way, you can regenerate your new CSR. This time it should be 2048-bit.


2.4. Creating a Secure Virtual Host
Question:
I want to host a secure shopping cart. How do I add an ssl certificate to my existing virtual host?
Answer:
You will need to generate a Certificate Signing Request (CSR) and send that to a valid certification authority, such as RapidSSL or Go Daddy, etc. Using the iTools Admin, there are four steps:

Step 1: Generating the Certificate Signing Request (CSR)

Go to the Configuration panel for the Virtual Host for which you want to create the SSL certificate.

iTools Admin ->WebSettings -> VH Configuration panel:
Click "Edit Certificate".
Complete the SSL Settings form and click "Save".
You will now see the CSR. Copy this CSR (including the BEGIN/END lines) and submit it to your CA Authority. This CSR is also stored in a file (/Library/Tenon/WebServer/Configuration/ssl.crt/your_virtual_host.csr).
A self-signed certificate is also generated at this time. This will allow you to use this SSL-enabled virtual host for testing purposes until you receive your actual certificate from your CA Authority.


Step 2: Configure Virtual Host to use SSL

Go back to the Configuration panel for your SSL Virtual Host.
Toggle SSL Security to On.
Notice that the port changes to "443".
Click "Save".


Step 3: Create Virtual Host on Port 80 (optional)

Steps 1 & 2 converted your existing VH on port 80 to a secure VH on port 443. In most cases, you will want to have your virtual host also answer on port 80, therefore you need to recreate the VH on port 80, giving it the same DocumentRoot as the secure VH. Your HTML can now direct users to the non-SSL pages or the SSL-enabled pages, as desired.


Step 4: Install the Valid Certificate.

Your CA Authority will provide you with a new certificate as well as their Intermediate Certificate. (This intermediate certificate enables your webserver to recognize your CA Authority as trusted.)

Replace the self-signed certificate .crt with the new certificate in /Library/Tenon/WebServer/Configuration/ssl.crt/

Edit /Library/Tenon/WebServer/Configuration/ssl.crt/ca_bundle.crt appending the intermediate certificate to this file.

Now your VH will be available as http:// or https://


3. Administration
3.1. Subadministration
Question:
Can I assign one of my clients the ability to manage his own websites?
Answer:
Yes. Once you create the web site (Virtual Host) for your client, create a login for that client in User Settings. You will probably want to give your client FTP access to his content area.

Then, go to the client's virtual host configuration page and click the lock on the lower left hand corner. This invokes the Authorization Service. Choose the client's login entry on the pop-up User Settings panel and click Save.

Using this method you can selectively give your clients access to various portions of the iTools Admin (for example, Log Reports). When your clients access the iTools Admin on port 84 or 85 they will only have icons for the areas they are cleared to access.

3.2. Subadministration Limitations
Question:
Is there anything a subadministrator can't do?
Answer:
The subadministrator can do everything that an iTools administrator can do, except add users and add virtual hosts. This limitation is necessary to protect the system resources.

3.3. Using Server Side Includes
Question:
I am trying to configure Apache to handle shtml documents. It sends shtml documents with a header text/plain not text/html. Does iTools handle SSI extensions?
Answer:
Yes, for performance and efficiency Apache is designed to use the .shtml designation so it only has to scan those pages for SSI extensions.

Using the iTools Admin GUI:
iTools Admin ->WebSettings -> MIME Types -> Handlers
Add:
Handler Name: server-parsed
Associated Extensions: shtml

If you want Apache to scan every page for SSI extensions, add:

Handler Name: server-parsed
Associated Extensions: html

3.4. Log Reports
Question:
How do I see the web log reports?
Answer:
You will need to set up virtual hosts (web sites) before you can see the log reports. Once you have a virtual host set, you can access the log report via the System Status panel.

iTools Admin -> System Status -> Log Reports

3.5. Reinstalling "admin" user to iTools
Question:
I accidentally hit "Delete" on the "admin" user account. To my shock it didn't even ask me "Are you sure?" and deleted the only account with admin access. How do I get it back?
Answer:
Using Terminal type the following commands:

sudo tcsh
(This will allow your commands to be run as root.)

cd /Library/Tenon/System/Executables
./chngadmpasswd.pl admin <password>
(This will recreate the admin user.)


4. FTP
4.1. FTP - Passive Port Range
Question:
I opened up ports 20 and 21 in my Firewall, but FTP still doesn't work. Do I need to do something else?
Answer:
You need to open up ports 49152 to 65534 as well. These ports are used by passive ftp for data connections.

4.2. Uploading .htaccess files
Question:
We use iTools 9. How can we upload .htacces files via FTP?
Answer:
In /Library/Tenon/FTPServer/Configuration/proftpd.conf

Change:
PathDenyFilter "(\\.ftpaccess)|(\\.htaccess)|(\\.quota)$"

To:
PathDenyFilter "(\\.ftpaccess)|(\\.quota)$"

and restart the FTPServer using the scripts:

/Library/Tenon/System/Scripts/FTPSERVER restart


4.3. Unnecessary Folders Created
Question:
I was checking the WebSites folder created by iTools and I noticed that there were System-style folders inside, viz. "Downloads", "Library", and "Desktop". Why are these folders created in the WebSites folder?
Answer:
These folders are actually created by Mac OS X. Most likely you created an iTools FTP user with the home directory being the WebSites folder. Since an FTP user is a system user, Mac OS X automatically creates these folders for that FTP user. These folders serve no purpose for iTools and can be deleted.

5. PHP
5.1. PDO MySQL Library
Question:
How do I install the pdomysql library for running Magento?
Answer:
The latest PHP 5.3.1 includes the pdo libraries for MySQL. Magento has been used sucessfully by iTools 9 customers. You need to create a database for Magneto to use. And you need to check Follow Symlinks in Access Controls for the Magento directory.

To see the features of PHP, copy i.php from /Library/Tenon/WebServer/Documents to a virtual host directory and see in a browser: http://your_virtual_host/i.php
Then search for pdo and you will that the pdomysql libraries you need are included.

5.2. php.ini
Question:
Where is my php.ini file?
Answer:
/Library/Tenon/PHP/lib/php.ini

6. MySQL
6.1. Upgrading MySQL
Question:
I just upgraded from iTools 8.2 to iTools 9, including the latest MySQL, and now database accesses are broken. What can I do?
Answer:
In MySQL 5.1 the data directory structure changed. If you upgraded to MySQL 5.3.3 from a version earlier than 5.1 you may see #mysql50# prepended in front of the database name.

See http://dev.mysql.com/doc/refman/5.1/en/alter-database.html for more information. Or contact Tenon for assistance.

7. WebDNA
7.1. Installing WebDNA
Question:
How do I install WebDNA 7 in iTools 9 on Snow Leopard?
Answer:
1. Move the /WebDNA folder to /Library/Tenon/WebServer/Documents

2. Move WebDNA.fcgi to /Library/Tenon/WebServer/Documents/WebDNA

3. As root or using sudo:
chmod 755 /Library/Tenon/WebServer/Documents/WebDNA/WebDNA.fcgi

4. Make sure that mod_rewrite and mod_fastcgi are both loaded -- See iTools Admin -> WebServer ->Advanced Configuration -> Modules

Alternatively, in httpd.conf (/Library/Tenon/WebServer/Configuration)

add:
LoadModule rewrite_module /Library/Tenon/WebServer/Modules/mod_rewrite.so

/LoadModule fastcgi_module /Library/Tenon/WebServer/Modules/mod_fastcgi.so

5. Then add to httpd.conf:

#-----------------------

FastCGIServer /Library/Tenon/WebServer/Documents/WebDNA/WebDNA.fcgi -idle-timeout 60 -processes 1
Action webdna-fastcgi /WebDNA/WebDNA.fcgi
AddHandler webdna-fastcgi .dna



RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]



Deny from all

#-----------------------

6. Restart Apache:
/Library/Tenon/System/Scripts/WEBSERVER restart

7.You should now be able to connect to:
http://localhost/WEbDNA/Admin/AdminPrefs.dna

login: admin
password: admin

That's it!

Generated: 18.11.2017 19:01
Powered by FAQEngine V4.07.4 ©2001-2005 Bösch EDV-Consulting