Configuration Manual SL-ATR v7 0

LOGISTICS SYSTEM FOR THIRD
PARTY NETWORK ACCESS (SLATR)
WEBSITE CLIENT REQUIREMENTS
Reference no.: SLATR-RSC-01
Version: 6.0
Document control
Version
1.0
2.0
3.0
4.0
5.0
6.0
7.0
Date
21/08/2009
16/03/2011
08/05/2012
15/03/2013
19/09/2013
27/09/2013
28/08/2014
Summary of amendments made
Initial version
Update of SL-ATR 2.0 Homepage
Connection requirements
Update of e-token driver
Update of public addressing
Update of O.S./ Internet Explorer version / updates / Microsoft
security /trusted URSL
Update connection requirements
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
CONTENTS
1. INTRODUCTION
3
2. MINIMUM CLIENT REQUIREMENTS, WEBSITE
4
2.1. HARDWARE REQUIREMENTS
4
2.2. OPERATING SYSTEM
4
2.3. MICROSOFT INTERNET EXPLORER WEB BROWSER
5
2.4. MICROSOFT OFFICE
5
2.5. SUN JAVA PLUG-IN
5
2.6. MICROSOFT SECURITY UPDATES
6
3. CONFIGURATION PROCEDURE FOR SUN JRE PLUG-IN 1.6.0-13
OR ABOVE
7
4. E-TOKEN DRIVER INSTALLATION PROCESS
8
4.1. FIRST-TIME INSTALLATION
4.2. UPDATE
5. INTERNET EXPLORER CONFIGURATION REQUIREMENTS
8
12
15
5.1. INTERNET EXPLORER ADVANCED SETTINGS OPTIONS
15
5.2. INTERNET EXPLORER SECURITY SETTINGS
15
5.3. ACTIVEX CONTROL SETTINGS
15
6. CONNECTION REQUIREMENTS
17
Systems Department
Pg. -2-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
1.
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
INTRODUCTION
This document aims to provide details of minimum requirements
supported by the current version of the Logistics System for Third Party
Network Access (SL-ATR) on its client website.
It also includes a configuration guide for client workstations, on the
items that need modification to use the system version correctly: Sun JRE
plug-in and e-token driver. This guide assumes that the client workstation
already has the correct version of the operating system, Microsoft Office,
Java Client and a browser that works correctly accessing the Internet.
This document does not include sections on how to install standard
hardware and software, such as the operating system, browser or Java
client. Basic installation of these products can be found in the related
installation or help manuals.
Systems Department
Pg. -3-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
2. MINIMUM CLIENT REQUIREMENTS, WEBSITE
In order to access the SL-ATR correctly, a client workstation needs the
following minimum requirements:
Digital certificate + PKI
PKI Driver
Screen resolution: 1280 x 1024
Normal-size screen fonts (96 dpi)
Access to the system is online or via an RTC/IDSN connection, which
requires an e-token access key provided by Enagás GTS and connected to
the PC's USB port.
The following paragraphs list the hardware and software requirements.
2.1. HARDWARE REQUIREMENTS
Clients require a PC with the following configuration:
USB connector
128 MB. RAM (256 MB is recommended)
500 MHz microprocessor
High-speed internet connection
Graphics card supporting a resolution of 1024 x 768 (17” monitor
is recommended)
2.2. OPERATING SYSTEM
The following operating systems are compatible with this SL-ATR
version:
Windows XP
Windows Vista
Windows 7
Systems Department
Pg. -4-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
2.3. MICROSOFT INTERNET EXPLORER WEB BROWSER
The following versions of Internet Explorer are compatible with this
version:
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
2.4. MICROSOFT OFFICE
The following versions of Microsoft Office are compatible with this
version:
Microsoft Office 2003
Microsoft Office 2010
2.5. SUN JAVA PLUG-IN
The minimum version of the SUN JRE Plug-in required for each standard
operating system is as follows (as a general rule, the latest available
version should be installed):
Windows XP with Sun JRE plug-in 1.5.0_18 or later (in the
5.0 release)
Windows Vista and Windows 7 with Sun JRE plug-in
1.6.0_13 or later (within the 6.0 release)
Systems Department
Pg. -5-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
2.6. MICROSOFT SECURITY UPDATES
Both Windows Operating System and the Internet Explorer Browser
must have the latest available security updates.
If it does not have a company update distribution system such as WSUS
or SSCM, follow the steps below on each computer:
1. Go to Control Panel and select Windows Update.
2. Next, click on Change settings. The following options will appear:
3. Click on Accept.
Systems Department
Pg. -6-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
3.
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
CONFIGURATION PROCEDURE FOR SUN JRE
PLUG-IN 1.6.0-13 OR ABOVE
Once the installation is complete, access the Java console control panel
through the Control Panel > Java menu.
Once in this screen, select the Advanced tab and tick the following
option: Security > Use certificates and keys in browser keystore.
Click on Apply.
Systems Department
Pg. -7-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
4.
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
E-TOKEN DRIVER INSTALLATION PROCESS
To run the following process, you must be connected to the PC as a
user with administrator-level positions. If you do not have these
permissions, please contact your Company's Information Systems
Department to update your computer.
4.1. FIRST-TIME INSTALLATION
This process is only applicable if you are accessing the SL-ATR for the
first time and you do not have the e-token driver installed on your
computer.
Use of the e-token key requires installation of the e-token’s RTE
Runtime Environment, which contains the files and components required
(drivers) for it to work.
Both the e-token drivers and the MSI can be downloaded free from the
website:
For 32 bits:
https://www.crl.enagas.es/PKIClient-x32-5.1-SP1.msi
For 64 bits:
https://www.crl.enagas.es/PKIClient-x64-5.1-SP1.msi
The e-token drivers are installed as indicated below:
1. Double click on the PKIClient-x32-5.1-SP1.msi file, from the location
indicated to download it or by indicating the name of the route
displayed in the Run option of the Windows Start menu. There must
be no keys connected to the computer during the installation.
Systems Department
Pg. -8-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
2. Select “Spanish” language:
3. Accept the license agreement. The product’s default installation
route appears. The driver installation will begin. Wait until it is
finished.
Systems Department
Pg. -9-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
4. Click on “Finish” to complete the installation:
Systems Department
Pg. -10-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
5. This step is only required if your computer has the JRE 1.6.
plug-in. Access the Properties screen of the e-token driver
through the eToken-Properties option under the Start>Programs
submenu.
Systems Department
Pg. -11-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
6. Once in this view, tick the option “Enable Single Logon Mode”
through the Advanced > PKI Client Configuration > Advanced tab.
Once it has been ticked, hit Save.
4.2. UPDATE
This procedure is only applicable if the computer already has the etoken driver installed and version 1.6 of the JRE plug-in has been
subsequently installed/the JRE plug-in has been updated to version 1.6:
1. Access the Properties screen of the e-token driver through the
eToken-Properties option under the Start>Programs submenu.
Systems Department
Pg. -12-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
2. Once in this view, tick the option “Enable Single Logon Mode”
through the Advanced > PKI Client Configuration > Advanced tab.
Once it has been ticked, press Save.
Systems Department
Pg. -13-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
Systems Department
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
Pg. -14-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
5.
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
INTERNET EXPLORER CONFIGURATION
REQUIREMENTS
Users must take the following Internet Explorer configuration
requirements into consideration to access all of SL-ATR system functions
correctly.
5.1. INTERNET EXPLORER ADVANCED SETTINGS OPTIONS
Once the virtual machine has been installed, it is important that you
check that the checkbox for use of Java Virtual Machine 1.5/1.6 employed
to execute Java applets is ticked in the IExplorer browser installed.
You must check that the Java Version (Sun) checkbox ticked is correct
and Java version options are enabled.
5.2. INTERNET EXPLORER SECURITY SETTINGS
The security applied in the "Privacy" tab of Internet Explorer must be
"Medium" or lower.
The Pop-up Blocker checkbox must also be unticked.
5.3. ACTIVEX CONTROL SETTINGS
Change the “Initialize & script ActiveX controls not marked safe
for scripting” option to Enable-Allow.
Select “Enable” under “Run ActiveX controls and plug-ins””.
Enable the following settings under “ActiveX Controls and Plug-ins”:
Run ActiveX controls and plug-ins
Activate the ActiveX control command sequence not marked safe
Activate the ActiveX control commands marked safe
Download signed ActiveX controls
Download unsigned ActiveX controls
Systems Department
Pg. -15-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
Once these changes have been made to IExplorer’s ActiveX control
settings, and following the other SL-ATR access configuration requirements,
users will be able to download and upload files through the SGITD option in
the application.
To use the SL-ATR system functions correctly, all Internet Explorer and
Sun Java options need to be configured as previously indicated in this
document.
Systems Department
Pg. -16-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
6.
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
CONNECTION REQUIREMENTS
To access the SL-ATR homepage, the following URL must be identified
as trusted sites in the browser used to access them.
•
https://www.atrgas.com
•
https://www.slatr.atrgas.com
•
https://www.ms.atrgas.com
•
https://autenticacion.enagas.es
•
https://login.enagas.es
•
https://autorizacion.atrgas.com
•
http://linkag01.enagas.es
Communication with the URL https://autenticacion.enagas.es and
https://login.enagas.es must be enabled through TCP port 8443. The SSL
protocol is used although it is done so through this port. This
communication may need to be expressly enabled on certain proxy servers.
Computers used to access the system must have a certificate installed
by the Enagás Issuing Entities, which are trusted CAs. Certificates can be
downloaded from the following addresses.
•
http://www.crl.enagas.es/Autoridad Certificacion SL-ATR.crt
•
http://www.crl.enagas.es/Enagas-root-ca.crt
In the case of a firewall or proxy to which IP -> Port rules are attached,
the following public IP addresses should be obtained through the ports
indicated:
•
www.atrgas.com
->
194.224.167.167 -> TCP 443
•
www.slatr.atrgas.com
->
194.224.167.164 -> TCP 443
•
autenticacion.enagas.es ->
194.224.167.162 -> TCP 8443
•
www.crl.enagas.es
->
194.224.167.171 -> TCP 80
•
www.ms.atrgas.com
->
194.224.167.174 -> TCP 443
•
www.slatrpoc.atrgas.com->
213.0.117.61
-> TCP 443
•
autorizacion.atrgas.com ->
213.0.117.63
-> TCP 443
•
login.enagas.es
213.0.117.57
-> TCP 8443
Systems Department
->
Pg. -17-
Website, Client Requirements
Logistics System for Third Party Network
Access (SL-ATR)
•
linkag01.enagas.es
->
213.0.117.56
REF. NO.: SLATR-
RSC-01
VERSION: 6.0
-> TCP 80
Computers should also be able to obtain Enagás’s CRL (Certification
Revocation List) at the following addresses:
•
http://www.crl.enagas.es/Autoridad Certificacion SL-ATR.crl
•
http://www.crl.enagas.es/Enagas-root-ca.crl
Systems Department
Pg. -18-

Download Report