System Requirements
These are the system requirements for TCG Authorization Server.
Operating System
The following operating systems and system components are required.
Supported
Microsoft Windows Server 2016 or higher
Recommended
Microsoft Windows Server 2019
Microsoft Windows Server Roles and Features
To install and set up the TCG Authorization Server, you must first install Internet Information Services (IIS) and the .NET 6 hosting bundle for IIS.
Important Please make sure that the latest updates for Microsoft Windows and all the installed components are installed.
Setting Up IIS
If the IIS features are not installed yet on your system, you can use the following commands in a PowerShell to install them:
Set-ExecutionPolicy Bypass -Scope Process
Enable-WindowsOptionalFeature -Online -FeatureName IIS-WebServerRole
Enable-WindowsOptionalFeature -Online -FeatureName IIS-WebServer
Enable-WindowsOptionalFeature -Online -FeatureName IIS-WebServerManagementTools
Enable-WindowsOptionalFeature -Online -FeatureName IIS-ManagementConsole
.NET 6 Hosting Bundle for IIS
Important The installation of the .NET 6 SDK or .NET 6 Runtime are not enough, https://dotnet.microsoft.com/en-us/download/dotnet/6.0
Configured SSL Certificates
A configured HTTPS certificate is mandatory. Browsers refuse to use required encryption modules in case the communiation is not encrypted.
Extended IIS Maximum Query String Length
By default, IIS limits the maximum query string length on IIS to 2048 bytes. This can lead to requests to the Authorization Server being blocked by IIS. Therefore, Authorization Server ships with an extended query length limitation to 10000 bytes.
If this limit is still not sufficient, please notify the vendor. Increase the maximum query string (Bytes) in the Request Filtering Settings of IIS. Alternatively, you can set it in the IIS web.config file of the Authorization Server, however, this can lead to installations not being able to update that file anymore.
<security>
<requestFiltering>
<requestLimits maxQueryString="100000" />
</requestFiltering>
</security>
Encrypted Communication (HTTPS)
It is not possible to run the TCG Authorization Server without SSL encrypted web traffic. The transferred data is very confidential and leaking this sort of data exposes access to the entire set of services that depend on it. The only case where non-encrypted http traffic is considered ok is in a load balancer scenario where the IT specialist has the necessary experience to create private networks. All known requirements for SSL certificates also apply, such as they must not be expired, state-of-the-art ciphers, self-signed certificates require explicit setup to trusted root certificates.
Hardware Requirements
The following hardware requirements need to be considered.
Storage
A solid-state drive (SSD); no spinning disks
Memory and CPU
- TCG Authorization Server - at minimum 4 GB RAM, 2 cores
- Database server - at minimum 4 GB RAM, 2 cores, optimized for I/O operations
Supported Database Server
The following database server are supported.
MS SQL Server
Microsoft SQL Server 2016, Microsoft SQL Server 2017, Microsoft SQL Server 2019, and Microsoft SQL Server 2022.
The MSSQL databases require the READ_COMMITTED_SNAPSHOT set to ON - that is automatically taken care of by our automatic installation and our scripts.
recommended: min. Microsoft SQL Server 2019
Important For production not supported any SQL Express version of MS SQL Server.
Oracle
Oracle 19 c, Oracle 18 c (18.3), Oracle 12C R2
recommended: min. Oracle 12C R2
Important There are special installation requirements for setting up Oracle databases prior to running the installation. For more information, refer to the Administrator Guide.
PostgreSQL
PostgreSQL version 12.9 and higher
recommended: PostgreSQL version 14
Important You can use user name and password but no trusted connections.
DB2
DB2 10.5 and 11.5
Important There are special installation requirements for setting up DB2 databases prior to running the installation.
Azure SQL
Usage on Azure Cloud only.