Additional post-installation tasks

Configuring the hardware security module (HSM) dependency in the daemon configuration

If you want to use OneSpan Authentication Server with an Entrust nShield HSM, you need to add a start dependency on the respective HSM daemon to the OneSpan Authentication Server daemon init script.

Open the following file:

/etc/init.d/vasco-ias

Locate the following line:

# Required-Start: $local_fs $remote_fs $network

Change it to include the Entrust nShield HSM daemon:

# Required-Start: $local_fs $remote_fs $network nc_hardserver

Removing the DBeaver database tool

When you install the embedded MariaDB database, the setup automatically installs the DBeaver database tool. DBeaver is a free multi-platform database tool to help database administrators with administrative DB management tasks on the OneSpan Authentication Server database. Note that DBeaver is installed for convenience reasons only and is not a vital component for OneSpan Authentication Server to work properly.

If you prefer another database tool or do not want to use DBeaver for another reason, you can safely remove the DBeaver tool from the system.

  • With this command (Ubuntu Server): sudo dpkg --purge dbeaver-ce
  • With this command (Red Hat Enterprise Linux): sudo rpm -e dbeaver-ce

Considering a backup strategy

Consider a backup strategy to be put in place for files which will require backing up.

For more information, refer to the OneSpan Authentication Server Administrator Guide.

When you copy, migrate, or back up encrypted database files, ensure that you also back up the encryption key (and/or the optional password key). Otherwise, you will not be able to read the data afterward, as it will be encrypted.

Configuring additional OneSpan Authentication Server instances

The instructions for configuring additional instances of OneSpan Authentication Server are similar to those of setting up the first instance. However, the following settings will be overwritten when replication is set up:

  • Master domain
  • User ID/domain name conversion

Each additional OneSpan Authentication Server instance requires a separate license key.

Planning for replication

Replication may be required between several OneSpan Authentication Server instances.

For more information, refer to the OneSpan Authentication Server Administrator Guide.