Windows deployment
Hideez Enterprise Server on Windows
Requirements
Internet Information Services (IIS)
MySQL Server (version 8.0+)
PowerShell to execute commands in the console
System Preparation
1. If the web server is not enabled then use the official guide to enable IIS.
2. Enable WebSockets on IIS according to this guide
If the IIS installation requires a restart, restart the system.
You can perform a simple test by opening a web browser and browsing http://<you_domain_name>
You should see a default IIS page.
3. Download and install Windows Hosting Bundle
You can download the latest versions of this applications. They can be found at https://dotnet.microsoft.com/download/dotnet-core/5.0
[Note] You MUST have IIS installed before installing Windows Hosting Bundle
4. Download and install
Alternatively, You can also go to https://dev.mysql.com/downloads/installer and download the latest versions of this applications
You can read the documentation for installing MySQL at this address.
When installing MySQL to run our software, you can select the Server only option
During installation, you may need an additional Microsoft Visual C ++ 2019 Redistributable Package. Agree, and perform the installation
Also, during the installation process, you will be prompted to enter a strong password for the root user. Don't forget this password, we'll need it later
If the server configuration step was skipped during the installation, you can do so after installation by clicking Start / My SQL Installer Community and selecting the "Reconfigure" action
Getting Started (fresh install)
Step 1.
Creating MySQL User and Database for the Hideez Enterprise Server
Start the MySQL Command Line Client (Start/MySQL 8.0 Command Line Client), enter the MySQL root user password.
The following lines create a database db, the user user with the password <user_password>
. Сhange <user_password>
to a strong password, otherwise you may get a password validator error.
Step 2.
2.1 Download HES server
Option 1
You can download the zip file in the usual way for you from https://update.hideez.com/hes/windows_x64_latest.zip, then unzip its contents to a folder C:\Hideez\HES
.
Option 2
Or you can do it with powershell:
this download and extract the HES to C:\Hideez\HES
directory
2.2. Configuring the HES
Copy appsettings.json to appsettings.Production.json.
You can do this in the usual way through Explorer, by making a copy of file and opening the file in Notepad, or by using powershell:
Edit the file C:\Hideez\HES\appsettings.Production.json:
Replace the following settings in this file with your own:
<user_password>
- Password for the user on MySQL server<smtp_host>
- Host name of your SMTP server (example:smtp.example.com
)<smtp_port>
- Port number of your SMTP server (example:123
)<email_address>
- Your email adress (example:user@example.com
)<email_password>
- Password to access the SMTP server (example:password
)<you_domain_name>
- you fully qualified domain name (FQDN) of your HES site (example:hideez.example.com
)
Step 3.
Configuring IIS
4.1 Create a Self-Signed Certificate for IIS
Note:
In production, you should take care of acquiring a certificate from a certificate authority. For a self-signed certificate, the browser will alert you that site has security issues.
Option 1 (creating a certificate using IIS)
Start IIS Manager. For information about starting IIS Manager, see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc770472(v=ws.10)?redirectedfrom=MSDN
Click on the name of the server in the Connections column on the left. Double-click on Server Certificates.
In the Actions column on the right, click on Create Self-Signed Certificate...
Enter any friendly name (for example HES) and then click OK.
You will now have an IIS Self Signed Certificate valid for 1 year listed under Server Certificates.
you can click on the created certificate and see its properties
Option 2 (creating a certificate using powershell)
An alternative way to create a certificate is to use the cmdlet New-SelfSignedCertificate
in PowerShell, which can be used to specify the required CN:
for example:
4.2 Add the Web Site
Start IIS Manager. For information about starting IIS Manager, see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc770472(v=ws.10)?redirectedfrom=MSDN
In the Connections pane, right-click the Sites node in the tree view, and then click Add Web Site.
In the Add Web Site dialog box, type a friendly name for your Web site in the Web site name box. "HES" would be a good choice
In the Physical path box, type the physical path of the Web site's folder (C:\Hideez\HES), or click the browse button (...) to browse the file system to find the folder.
If you want to select a different application pool than the one listed in the Application Pool box. In the Select Application Pool dialog box, select an application pool from the Application Pool list, and then click OK.
The default value in the IP address box is All Unassigned. If you must specify a static IP address for the Web site, type the IP address in the IP address box.
Optionally, type a host header name for the Web site in the Host Header box.
If you do not have to make any changes to the site, and you want the Web site to be immediately available, select the Start Web site immediately check box.
Click OK.
In the Bindings pane click "Add" and Add site Binding with type https for you hostname port 443 and with you certificate (In the SSL cerificate drop-down menu, select your certificate)
Under the server's node, select Application Pools.
Right-click the site's app pool and select Basic Settings from the contextual menu.
In the Edit Application Pool window, set the .NET CLR version to No Managed Code.
(optmal) In Sites node turn off "Default Web Site"
Setup is complete. The server should be accessible in a browser at the address (https://<you_domain_name>
).
You must use your domain name to access the HES server (e.g. https://hideez.example.com
).
Updating
1. Back up the HES binaries and the configuration file
Stop the site using the IIS console
rename old binary folder:
or in PowerShell:
If you get an error that some files are busy, you may need to wait a while (up to 10 minutes)
3. Backuping MySQL Database
The following commands will create a copy of the database in file db.sql in directory C:\Hideez\HES.old
:
change <MySQL_root_password> with your real password
4. Download and install the latest HES
Download the zip file in the usual way for you from https://update.hideez.com/hes/windows_x64_latest.zip, then unzip its contents to a folder C:\Hideez\HES
or in PowerShell:
5. Restoring the configuration file
copy C:\Hideez\HES.old\appsettings.Production.json
to C:\Hideez\HES\appsettings.Production.json
in Explorer
or in PowerShell:
6. Starting the HES
Start the site using the IIS console
or in PowerShell:
If something goes wrong, you can restore the HES server using the following commands:
Stop the site using the IIS console, then rename old foler to HES, then restore database:
change <MySQL_root_password> with your real password
And start the site using the IIS console
After checking that the update was successful and everything works fine, you can delete copies of the database and server:
delete folder C:\Hideez\HES.old
in PowerShell
Possible problems and solutions
Problem: When activating the data protection, HES requires the data protection password to be entered after each startup
Solution:
The HES server stores the data protection password in RAM until it restarts. After that, HES will ask for the password again each time. To save the data protection password between HES reboots, it is possible to save this password in the file appsettings.Production.json
:
After editing appsettings.Production.json
, you need to restart HES.
To change the data protection password login to HES and go to "Settings" - "Data Protection" - "Change Password". After this, you need to update the password in the appsettings.Production.json
also.
Problem: When activating data protection, the administrator's e-mail often receives messages, such as: "Your Hideez Enterprise Server has been restarted. Please activate the data protection on the server by clicking this button:"
Solution: Typically, this problem is due to the fact that IIS stops your HES server if the application doesn't receive any request in the specified time period (default for 20 minutes)
Step 1 Cancel Idle Time-out:
Go into the IIS Manager
Click on Application Pools (on the left)
Right click on your application pool
Select
Advanced Settings
Change the value of
Idle Time-out (minutes)
from 20 to 0Click "OK"
Step 2 Cancel IIS Recycling :
Go into the IIS Manager
Click on Application Pools (on the left)
Right click on your application pool
Select
Recycling...
Uncheck "Regular time intervals (in minutes)"
Click "Next"
Click "Finish"
Step 3 Restart the IIS
Last updated