Installing Tanium Server
The Tanium™ Server role installation creates the Tanium Server and database server, SSL certificates, SSH keys, and Tanium Server configuration database.
- Basic network, host, and user settings are configured. See Completing the initial setup (hardware appliances).
- Network firewall rules allow Tanium processes to communicate as expected. See Network connectivity and firewall.
Beginning in Tanium Core Platform 7.4, the Tanium Server includes a pki.db file that contains the root keys, Tanium Server TLS keys, and message-signing keys for the Tanium Server. If you migrate from a Windows installation with Tanium Core Platform 7.4 or later, or if you restore the Tanium Server appliance from a backup, you can reuse the previous pki.db file to maintain existing trusts.
- Obtain a copy of the pki.db file from your existing Tanium Server or from a backup file.
- Use SFTP to copy the pki.db file to the /incoming folder on the appliance before the install.
- Log into the Tanium Server appliance as a user with the tanadmin role.
- Enter 1 to go to the Tanium Installation menu.
- Enter 2 to install the Tanium Server.
- When prompted, specify a password for the initial Tanium Console admin user (tanium).
You specify the Tanium Console admin user (tanium) and password when you complete the Module Server registration with the Tanium Server and when you log into the Tanium Console for the first time. Make sure you specify a password that you will be able to recall.
- When prompted, specify the Tanium platform version that you want to install.
- Enter YES to continue with the installation.
- If you copied the pki.db file to the /incoming folder on the appliance, the installer discovers the file and prompts you to install it. Enter YES to continue.
The installation takes approximately one minute to complete.
Installation of the Tanium Server automatically sets up TLS for Tanium Client to Tanium Server connections. One setting is set implicitly to a non-disruptive value by default:
- RequireIncomingEncryption is set to 0 (TLS not required)
Tanium Core Platform version 7.3 or prior
To change the default values, go to the Tanium Operations menu and use the Configuration Settings menu to change the values. See Change a Tanium server configuration
Tanium Core Platform version 7.4 or later
When you install the Tanium Zone Server role, TLS is enabled by default in Tanium Core Platform 7.4.
Last updated: 4/3/2020 4:19 PM | Feedback