{"lines":[{"page":1,"text":"TAK","rect":[102.82599639892578,219.259033203125,162.73641494750977,201.90806579589845]},{"page":1,"text":"Distribution Statement","rect":[71.99996948242188,720.1882934570313,165.3132805337906,713.6787109375]},{"page":1,"text":"Server Confguration","rect":[172.03158569335938,224.21644592285157,426.2976624965668,201.90806579589845]},{"page":1,"text":"A:","rect":[168.37979125976563,720.0,177.83932879924775,713.580078125]},{"page":1,"text":"Approved","rect":[180.91482543945313,721.7305297851563,219.82899667835236,713.580078125]},{"page":1,"text":"for","rect":[222.8955078125,720.0,233.91520719718933,713.6787109375]},{"page":1,"text":"public","rect":[236.9906768798828,721.7305297851563,261.5496155319214,713.77734375]},{"page":1,"text":"Version 5.2","rect":[266.656982421875,534.60986328125,345.27417328071598,524.6105346679688]},{"page":1,"text":"`July 2024","rect":[269.3289794921875,611.9329223632813,337.24389984321598,599.1217651367188]},{"page":1,"text":"release; distribution is","rect":[264.6251220703125,721.7215576171875,353.32966437816619,713.77734375]},{"page":1,"text":"unlimited.","rect":[356.3961486816406,720.0896606445313,397.3277626371384,713.77734375]},{"page":1,"text":"Guide","rect":[435.59283447265627,219.5316925048828,508.9378891506195,201.9576416015625]},{"page":2,"text":"C` ontents","rect":[72.0,82.12075805664063,135.00851906108856,71.94930267333985]},{"page":2,"text":"1` About TAK Server","rect":[72.0,103.97956848144531,183.11288341426849,96.9260482788086]},{"page":2,"text":"2` Change Log","rect":[72.0,127.79049682617188,146.62983152866364,118.85404205322266]},{"page":2,"text":"3` System Requirements","rect":[72.0,149.69850158691407,196.10412214183808,140.77200317382813]},{"page":2,"text":"3.1 Supported Operating Systems . . . . . . . . . . . . . ..","rect":[86.94406127929688,161.71328735351563,355.9342311964035,152.64732360839845]},{"page":2,"text":"3.2 Server Requirements . . . . . . . . . . . . . . . . . . ..","rect":[86.94406127929688,173.5487518310547,355.9342006788254,164.6023406982422]},{"page":2,"text":"3.3 AWS / GovCloud Recommended Instance Type . . . ..","rect":[86.94406127929688,186.06265258789063,356.00399437999729,176.11001586914063]},{"page":2,"text":"`4","rect":[72.00006103515625,205.49896240234376,77.728555893898,198.9635009765625]},{"page":2,"text":"Installation","rect":[86.94396209716797,205.5487823486328,143.82043307685854,198.5849151611328]},{"page":2,"text":"4.1 Overview and Installer Files . . . . . . . . . ..","rect":[86.94412231445313,217.66416931152345,317.2196315870285,210.4313201904297]},{"page":2,"text":"4.1.1 Installer for single-server install . . . ..","rect":[109.85812377929688,231.45230102539063,317.2296108350754,222.38633728027345]},{"page":2,"text":"4.1.2 Database installer for two-server install","rect":[109.85812377929688,241.46461486816407,313.02544823741916,234.3413543701172]},{"page":2,"text":"4.1.3 Core installer for two-server install . ..","rect":[109.85812377929688,253.5292205810547,317.24956933116916,246.29637145996095]},{"page":2,"text":"4.1.4 Containerized docker install bundle . ..","rect":[109.85812377929688,265.4842529296875,317.249538813591,258.25140380859377]},{"page":2,"text":"4.1.5 Containerized hardeneded docker install","rect":[109.85812377929688,277.43927001953127,316.29314843273166,270.2064208984375]},{"page":2,"text":"4.1.6 Installer for federation hub (beta) . ..","rect":[109.85812377929688,291.6667175292969,317.2595180616379,281.7140808105469]},{"page":2,"text":"4.1.7 Verifying GPG signatures . . . . . . ..","rect":[109.85812377929688,303.183349609375,317.2694362745285,294.1174011230469]},{"page":2,"text":"4.2 New Installation: One Server . . . . . . . . ..","rect":[86.94412231445313,313.30523681640627,317.2495082960129,306.0723876953125]},{"page":2,"text":"4.2.1 Prerequisites . . . . . . . . . . . . . ..","rect":[109.85812377929688,326.9737854003906,317.249538813591,318.2465515136719]},{"page":2,"text":"4.2.2 TAK Server Installation . . . . . . . ..","rect":[109.85812377929688,337.2152099609375,317.26946679210666,329.8727722167969]},{"page":2,"text":"4.3","rect":[86.94412231445313,361.1261901855469,99.66635847091675,354.1722717285156]},{"page":2,"text":"4.3.1 Overview . . . . . . . . . . . . . . . ..","rect":[109.85812377929688,373.0811767578125,317.2595180616379,365.84832763671877]},{"page":2,"text":"4.3.2 Server One: Database Server . . . . ..","rect":[109.85812377929688,385.0361633300781,317.2595180616379,377.8033142089844]},{"page":2,"text":"4.3.3 Server Two: Core Server . . . . . . . ..","rect":[109.85812377929688,396.99114990234377,317.2794155225754,389.75830078125]},{"page":2,"text":"4.4 Use Setup Wizard to Confgure TAK Server ..","rect":[86.94412231445313,410.77923583984377,317.2794155225754,401.60369873046877]},{"page":2,"text":"....","rect":[322.200927734375,216.0,348.183376704216,212.0]},{"page":2,"text":"....","rect":[322.2109375,230.0,348.1933559522629,224.0]},{"page":2,"text":"....","rect":[322.23089599609377,240.0,348.21331444835666,236.0]},{"page":2,"text":"....","rect":[322.2308349609375,252.0,348.21331444835666,248.0]},{"page":2,"text":"....","rect":[322.2308349609375,264.0,348.2132839307785,260.0]},{"page":2,"text":"bundle","rect":[319.6107177734375,277.3296813964844,348.9106989784241,270.3160095214844]},{"page":2,"text":"....","rect":[322.24078369140627,290.0,348.21331444835666,283.0]},{"page":2,"text":"....","rect":[322.250732421875,302.0,348.233181391716,296.0]},{"page":2,"text":"....","rect":[322.2308349609375,312.0,348.20333520030979,308.0]},{"page":2,"text":"....","rect":[322.2308349609375,325.0,348.20333520030979,320.0]},{"page":2,"text":"....","rect":[322.250732421875,336.0,348.23321190929416,331.0]},{"page":2,"text":"....","rect":[322.27069091796877,350.0,348.2431606397629,343.0]},{"page":2,"text":"....","rect":[322.24078369140627,360.0,348.2132839307785,355.0]},{"page":2,"text":"....","rect":[322.2408142089844,372.0,348.2232631788254,367.0]},{"page":2,"text":"....","rect":[322.2408142089844,384.0,348.2232631788254,379.0]},{"page":2,"text":"....","rect":[322.2607116699219,395.0,348.23321190929416,391.0]},{"page":2,"text":"....","rect":[322.26068115234377,409.0,348.2431606397629,403.0]},{"page":2,"text":".","rect":[353.1646728515625,216.0,355.9243129835129,212.0]},{"page":2,"text":".","rect":[353.1746826171875,230.0,355.9343227491379,224.0]},{"page":2,"text":".","rect":[353.19464111328127,240.0,355.95428124523166,236.0]},{"page":2,"text":".","rect":[353.194580078125,252.0,355.9542202100754,248.0]},{"page":2,"text":".","rect":[353.18463134765627,264.0,355.94427147960666,260.0]},{"page":2,"text":".","rect":[353.1946105957031,276.0,355.9542507276535,272.0]},{"page":2,"text":".","rect":[353.194580078125,290.0,355.9542202100754,283.0]},{"page":2,"text":".","rect":[353.20452880859377,302.0,355.96416894054416,296.0]},{"page":2,"text":".","rect":[353.18463134765627,312.0,355.94427147960666,308.0]},{"page":2,"text":".","rect":[353.18463134765627,325.0,355.94427147960666,320.0]},{"page":2,"text":".","rect":[353.2144775390625,336.0,355.9741176710129,331.0]},{"page":2,"text":".","rect":[353.2244873046875,350.0,355.9841274366379,343.0]},{"page":2,"text":".","rect":[353.194580078125,360.0,355.9542202100754,355.0]},{"page":2,"text":".","rect":[353.2045593261719,372.0,355.96419945812229,367.0]},{"page":2,"text":".","rect":[353.2045593261719,384.0,355.96419945812229,379.0]},{"page":2,"text":".","rect":[353.2145080566406,395.0,355.974148188591,391.0]},{"page":2,"text":".","rect":[353.2145080566406,409.0,355.974148188591,403.0]},{"page":2,"text":"`5","rect":[72.0001220703125,431.0,77.72861692905426,424.12939453125]},{"page":2,"text":"Upgrade Existing TAK Server Installation","rect":[86.94402313232422,432.6474304199219,299.5060409870148,423.7010192871094]},{"page":2,"text":"5.1 Overview . . . . . . . . . . . . . . . . . ..","rect":[86.94412231445313,442.8191223144531,301.7576870069504,435.5862731933594]},{"page":2,"text":"5.2 Single-Server Upgrade . . . . . . . . . . ..","rect":[86.94412231445313,456.6072082519531,301.76763573741916,447.541259765625]},{"page":2,"text":"5.2.1 Rocky Linux 8 . . . . . . . . . . ..","rect":[109.85812377929688,468.5532531738281,301.8074916944504,459.6068420410156]},{"page":2,"text":"5.2.2 RHEL 8 . . . . . . . . . . . . . . ..","rect":[109.85812377929688,478.6850891113281,301.8175014600754,471.6714172363281]},{"page":2,"text":"5.2.3 RHEL 7 . . . . . . . . . . . . . . ..","rect":[109.85812377929688,490.64007568359377,301.8175014600754,483.62640380859377]},{"page":2,"text":"5.2.4 Ubuntu and Raspberry Pi OS . . ..","rect":[109.85812377929688,504.418212890625,301.79757348155979,495.3622131347656]},{"page":2,"text":"5.2.5 Centos 7 . . . . . . . . . . . . . . ..","rect":[109.85812377929688,514.550048828125,301.79754296398166,507.31719970703127]},{"page":2,"text":"5.3 Two-Server Upgrade . . . . . . . . . . . ..","rect":[86.94412231445313,528.3391723632813,301.78753319835666,519.273193359375]},{"page":2,"text":"5.3.1 Rocky Linux 8 . . . . . . . . . . ..","rect":[109.85812377929688,540.2841796875,301.8074916944504,531.3377685546875]},{"page":2,"text":"5.3.2 RHEL 8 . . . . . . . . . . . . . . ..","rect":[109.85812377929688,550.416015625,301.8175014600754,543.40234375]},{"page":2,"text":"5.3.3 RHEL 7 . . . . . . . . . . . . . . ..","rect":[109.85812377929688,562.3710327148438,301.8175014600754,555.3573608398438]},{"page":2,"text":"5.3.4 Ubuntu and Raspberry Pi OS . . ..","rect":[109.85812377929688,576.149169921875,301.79757348155979,567.0932006835938]},{"page":2,"text":"5.3.5 Centos 7 . . . . . . . . . . . . . . ..","rect":[109.85812377929688,586.2810668945313,301.79754296398166,579.0482177734375]},{"page":2,"text":".","rect":[306.73895263671877,441.0,309.49859276866916,437.0]},{"page":2,"text":".","rect":[306.7489013671875,455.0,309.5085414991379,449.0]},{"page":2,"text":".","rect":[306.788818359375,467.0,309.5484584913254,461.0]},{"page":2,"text":".","rect":[306.79876708984377,477.0,309.55840722179416,473.0]},{"page":2,"text":".","rect":[306.79876708984377,489.0,309.55840722179416,485.0]},{"page":2,"text":".","rect":[306.77886962890627,503.0,309.53850976085666,497.0]},{"page":2,"text":".","rect":[306.77886962890627,513.0,309.53850976085666,509.0]},{"page":2,"text":".","rect":[306.76885986328127,527.0,309.52849999523166,521.0]},{"page":2,"text":".","rect":[306.788818359375,539.0,309.5484584913254,533.0]},{"page":2,"text":".","rect":[306.79876708984377,549.0,309.55840722179416,545.0]},{"page":2,"text":".","rect":[306.79876708984377,561.0,309.55840722179416,557.0]},{"page":2,"text":".","rect":[306.77886962890627,575.0,309.53850976085666,569.0]},{"page":2,"text":".","rect":[306.77886962890627,585.0,309.53850976085666,581.0]},{"page":2,"text":".","rect":[314.47991943359377,441.0,317.23955956554416,437.0]},{"page":2,"text":".","rect":[314.4898681640625,455.0,317.2495082960129,449.0]},{"page":2,"text":".","rect":[314.52972412109377,467.0,317.28936425304416,461.0]},{"page":2,"text":".","rect":[314.53973388671877,477.0,317.29937401866916,473.0]},{"page":2,"text":".","rect":[314.53973388671877,489.0,317.29937401866916,485.0]},{"page":2,"text":".","rect":[314.5198059082031,503.0,317.2794460401535,497.0]},{"page":2,"text":".","rect":[314.519775390625,513.0,317.2794155225754,509.0]},{"page":2,"text":".","rect":[314.509765625,527.0,317.2694057569504,521.0]},{"page":2,"text":".","rect":[314.52972412109377,539.0,317.28936425304416,533.0]},{"page":2,"text":".","rect":[314.53973388671877,549.0,317.29937401866916,545.0]},{"page":2,"text":".","rect":[314.53973388671877,561.0,317.29937401866916,557.0]},{"page":2,"text":".","rect":[314.5198059082031,575.0,317.2794460401535,569.0]},{"page":2,"text":".","rect":[314.519775390625,585.0,317.2794155225754,581.0]},{"page":2,"text":".","rect":[322.2208251953125,441.0,324.9804653272629,437.0]},{"page":2,"text":".","rect":[322.23077392578127,455.0,324.99041405773166,449.0]},{"page":2,"text":".","rect":[322.27069091796877,467.0,325.03033104991916,461.0]},{"page":2,"text":".","rect":[322.2806396484375,477.0,325.0402797803879,473.0]},{"page":2,"text":".","rect":[322.2806396484375,489.0,325.0402797803879,485.0]},{"page":2,"text":".","rect":[322.2607421875,503.0,325.0203823194504,497.0]},{"page":2,"text":".","rect":[322.2607421875,513.0,325.0203823194504,509.0]},{"page":2,"text":".","rect":[322.250732421875,527.0,325.0103725538254,521.0]},{"page":2,"text":".","rect":[322.27069091796877,539.0,325.03033104991916,533.0]},{"page":2,"text":".","rect":[322.2806396484375,549.0,325.0402797803879,545.0]},{"page":2,"text":".","rect":[322.2806396484375,561.0,325.0402797803879,557.0]},{"page":2,"text":".","rect":[322.2607421875,575.0,325.0203823194504,569.0]},{"page":2,"text":".","rect":[322.2607421875,585.0,325.0203823194504,581.0]},{"page":2,"text":".","rect":[329.9617919921875,441.0,332.7214321241379,437.0]},{"page":2,"text":".","rect":[329.97174072265627,455.0,332.73138085460666,449.0]},{"page":2,"text":".","rect":[330.0115966796875,467.0,332.7712368116379,461.0]},{"page":2,"text":".","rect":[330.0216064453125,477.0,332.7812465772629,473.0]},{"page":2,"text":".","rect":[330.0216064453125,489.0,332.7812465772629,485.0]},{"page":2,"text":".","rect":[330.0016784667969,503.0,332.76131859874729,497.0]},{"page":2,"text":".","rect":[330.00164794921877,513.0,332.76128808116916,509.0]},{"page":2,"text":".","rect":[329.99163818359377,527.0,332.75127831554416,521.0]},{"page":2,"text":".","rect":[330.0115966796875,539.0,332.7712368116379,533.0]},{"page":2,"text":".","rect":[330.0216064453125,549.0,332.7812465772629,545.0]},{"page":2,"text":".","rect":[330.0216064453125,561.0,332.7812465772629,557.0]},{"page":2,"text":".","rect":[330.0016784667969,575.0,332.76131859874729,569.0]},{"page":2,"text":".","rect":[330.00164794921877,585.0,332.76128808116916,581.0]},{"page":2,"text":".","rect":[337.70269775390627,441.0,340.46233788585666,437.0]},{"page":2,"text":".","rect":[337.712646484375,455.0,340.4722866163254,449.0]},{"page":2,"text":".","rect":[337.7525634765625,467.0,340.5122036085129,461.0]},{"page":2,"text":".","rect":[337.76251220703127,477.0,340.52215233898166,473.0]},{"page":2,"text":".","rect":[337.76251220703127,489.0,340.52215233898166,485.0]},{"page":2,"text":".","rect":[337.74261474609377,503.0,340.50225487804416,497.0]},{"page":2,"text":".","rect":[337.74261474609377,513.0,340.50225487804416,509.0]},{"page":2,"text":".","rect":[337.73260498046877,527.0,340.49224511241916,521.0]},{"page":2,"text":".","rect":[337.7525634765625,539.0,340.5122036085129,533.0]},{"page":2,"text":".","rect":[337.76251220703127,549.0,340.52215233898166,545.0]},{"page":2,"text":".","rect":[337.76251220703127,561.0,340.52215233898166,557.0]},{"page":2,"text":".","rect":[337.74261474609377,575.0,340.50225487804416,569.0]},{"page":2,"text":".","rect":[337.74261474609377,585.0,340.50225487804416,581.0]},{"page":2,"text":".","rect":[345.44366455078127,441.0,348.20330468273166,437.0]},{"page":2,"text":".","rect":[345.45361328125,455.0,348.2132534132004,449.0]},{"page":2,"text":".","rect":[345.49346923828127,467.0,348.25310937023166,461.0]},{"page":2,"text":".","rect":[345.50347900390627,477.0,348.26311913585666,473.0]},{"page":2,"text":".","rect":[345.50347900390627,489.0,348.26311913585666,485.0]},{"page":2,"text":".","rect":[345.4835510253906,503.0,348.243191157341,497.0]},{"page":2,"text":".","rect":[345.4835205078125,513.0,348.2431606397629,509.0]},{"page":2,"text":".","rect":[345.4735412597656,527.0,348.233181391716,521.0]},{"page":2,"text":".","rect":[345.49346923828127,539.0,348.25310937023166,533.0]},{"page":2,"text":".","rect":[345.50347900390627,549.0,348.26311913585666,545.0]},{"page":2,"text":".","rect":[345.50347900390627,561.0,348.26311913585666,557.0]},{"page":2,"text":".","rect":[345.4835510253906,575.0,348.243191157341,569.0]},{"page":2,"text":".","rect":[345.4835205078125,585.0,348.2431606397629,581.0]},{"page":2,"text":".","rect":[353.1846008300781,441.0,355.9442409620285,437.0]},{"page":2,"text":".","rect":[353.1945495605469,455.0,355.95418969249729,449.0]},{"page":2,"text":".","rect":[353.23443603515627,467.0,355.99407616710666,461.0]},{"page":2,"text":".","rect":[353.244384765625,477.0,356.0040248975754,473.0]},{"page":2,"text":".","rect":[353.244384765625,489.0,356.0040248975754,485.0]},{"page":2,"text":".","rect":[353.2244873046875,503.0,355.9841274366379,497.0]},{"page":2,"text":".","rect":[353.2244873046875,513.0,355.9841274366379,509.0]},{"page":2,"text":".","rect":[353.2144775390625,527.0,355.9741176710129,521.0]},{"page":2,"text":".","rect":[353.23443603515627,539.0,355.99407616710666,533.0]},{"page":2,"text":".","rect":[353.244384765625,549.0,356.0040248975754,545.0]},{"page":2,"text":".","rect":[353.244384765625,561.0,356.0040248975754,557.0]},{"page":2,"text":".","rect":[353.2244873046875,575.0,355.9841274366379,569.0]},{"page":2,"text":".","rect":[353.2244873046875,585.0,355.9841274366379,581.0]},{"page":2,"text":"`6 Containerized Installation (Docker)","rect":[72.0001220703125,610.4605102539063,265.08530113315586,600.5178833007813]},{"page":2,"text":"6.1 IronBank . . . . . . . . . . . . . . . . . . . . . . . . ..","rect":[86.94412231445313,620.154052734375,355.96416894054416,613.03076171875]},{"page":2,"text":"6.2 Building and Installing Container Images Using Docker","rect":[86.94412231445313,633.9431762695313,351.4511321191788,624.877197265625]},{"page":2,"text":"7` Confgure System Firewall","rect":[72.0001220703125,655.810302734375,219.7255546731949,646.843994140625]},{"page":2,"text":"7.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . ..","rect":[86.94412231445313,665.9830322265625,355.9442409620285,658.7501831054688]},{"page":2,"text":"7.2 RHEL, Rocky Linux, and CentOS . . . . . . . . . . ..","rect":[86.94412231445313,679.7611694335938,355.98406640148166,670.7052001953125]},{"page":2,"text":"7.3 Ubuntu and Raspberry Pi . . . . . . . . . . . . . . . ..","rect":[86.94412231445313,691.7161865234375,355.964138422966,682.769775390625]},{"page":2,"text":"8` Software Installation Location","rect":[72.0001220703125,711.701416015625,237.96708529853823,704.6279907226563]},{"page":2,"text":"1","rect":[303.5091247558594,749.8878173828125,308.4904246330261,743.2527465820313]},{"page":2,"text":".","rect":[360.91552734375,160.0,363.6751674757004,154.0]},{"page":2,"text":".","rect":[360.9154968261719,172.0,363.67513695812229,166.0]},{"page":2,"text":".","rect":[360.98529052734377,185.0,363.74493065929416,178.0]},{"page":2,"text":".","rect":[360.9056091308594,216.0,363.66524926280979,212.0]},{"page":2,"text":".","rect":[360.91558837890627,230.0,363.67522851085666,224.0]},{"page":2,"text":".","rect":[360.935546875,240.0,363.6951870069504,236.0]},{"page":2,"text":".","rect":[360.935546875,252.0,363.6951870069504,248.0]},{"page":2,"text":".","rect":[360.9255676269531,264.0,363.6852077589035,260.0]},{"page":2,"text":".","rect":[360.935546875,276.0,363.6951870069504,272.0]},{"page":2,"text":".","rect":[360.935546875,290.0,363.6951870069504,283.0]},{"page":2,"text":".","rect":[360.9454650878906,302.0,363.705105219841,296.0]},{"page":2,"text":".","rect":[360.9255676269531,312.0,363.6852077589035,308.0]},{"page":2,"text":".","rect":[360.9255676269531,325.0,363.6852077589035,320.0]},{"page":2,"text":".","rect":[360.9554443359375,336.0,363.7150844678879,331.0]},{"page":2,"text":".","rect":[360.96539306640627,350.0,363.72503319835666,343.0]},{"page":2,"text":".","rect":[360.9355163574219,360.0,363.69515648937229,355.0]},{"page":2,"text":".","rect":[360.94549560546877,372.0,363.70513573741916,367.0]},{"page":2,"text":".","rect":[360.94549560546877,384.0,363.70513573741916,379.0]},{"page":2,"text":".","rect":[360.9554443359375,395.0,363.7150844678879,391.0]},{"page":2,"text":".","rect":[360.9554443359375,409.0,363.7150844678879,403.0]},{"page":2,"text":".","rect":[360.925537109375,441.0,363.6851772413254,437.0]},{"page":2,"text":".","rect":[360.93548583984377,455.0,363.69512597179416,449.0]},{"page":2,"text":".","rect":[360.975341796875,467.0,363.7349819288254,461.0]},{"page":2,"text":".","rect":[360.9853515625,477.0,363.7449916944504,473.0]},{"page":2,"text":".","rect":[360.9853515625,489.0,363.7449916944504,485.0]},{"page":2,"text":".","rect":[360.9654235839844,503.0,363.72506371593479,497.0]},{"page":2,"text":".","rect":[360.96539306640627,513.0,363.72503319835666,509.0]},{"page":2,"text":".","rect":[360.9554138183594,527.0,363.71505395030979,521.0]},{"page":2,"text":".","rect":[360.975341796875,539.0,363.7349819288254,533.0]},{"page":2,"text":".","rect":[360.9853515625,549.0,363.7449916944504,545.0]},{"page":2,"text":".","rect":[360.9853515625,561.0,363.7449916944504,557.0]},{"page":2,"text":".","rect":[360.9654235839844,575.0,363.72506371593479,569.0]},{"page":2,"text":".","rect":[360.96539306640627,585.0,363.72503319835666,581.0]},{"page":2,"text":".","rect":[360.9454650878906,619.0,363.705105219841,615.0]},{"page":2,"text":".","rect":[360.9654235839844,632.0,363.72506371593479,626.0]},{"page":2,"text":".","rect":[360.925537109375,664.0,363.6851772413254,660.0]},{"page":2,"text":".","rect":[360.9653625488281,678.0,363.7250026807785,672.0]},{"page":2,"text":".","rect":[360.9454345703125,690.0,363.7050747022629,684.0]},{"page":2,"text":".","rect":[368.6564636230469,160.0,371.41610375499729,154.0]},{"page":2,"text":".","rect":[368.65643310546877,172.0,371.41607323741916,166.0]},{"page":2,"text":".","rect":[368.7262268066406,185.0,371.485866938591,178.0]},{"page":2,"text":".","rect":[368.64654541015627,216.0,371.40618554210666,212.0]},{"page":2,"text":".","rect":[368.65655517578127,230.0,371.41619530773166,224.0]},{"page":2,"text":".","rect":[368.676513671875,240.0,371.4361538038254,236.0]},{"page":2,"text":".","rect":[368.6764831542969,252.0,371.43612328624729,248.0]},{"page":2,"text":".","rect":[368.66650390625,264.0,371.4261440382004,260.0]},{"page":2,"text":".","rect":[368.6764831542969,276.0,371.43612328624729,272.0]},{"page":2,"text":".","rect":[368.6764831542969,290.0,371.43612328624729,283.0]},{"page":2,"text":".","rect":[368.6864013671875,302.0,371.4460414991379,296.0]},{"page":2,"text":".","rect":[368.66650390625,312.0,371.4261440382004,308.0]},{"page":2,"text":".","rect":[368.66650390625,325.0,371.4261440382004,320.0]},{"page":2,"text":".","rect":[368.6963806152344,336.0,371.45602074718479,331.0]},{"page":2,"text":".","rect":[368.70635986328127,350.0,371.46599999523166,343.0]},{"page":2,"text":".","rect":[368.67645263671877,360.0,371.43609276866916,355.0]},{"page":2,"text":".","rect":[368.6864318847656,372.0,371.446072016716,367.0]},{"page":2,"text":".","rect":[368.6864318847656,384.0,371.446072016716,379.0]},{"page":2,"text":".","rect":[368.6963806152344,395.0,371.45602074718479,391.0]},{"page":2,"text":".","rect":[368.6963806152344,409.0,371.45602074718479,403.0]},{"page":2,"text":".","rect":[368.6664733886719,441.0,371.42611352062229,437.0]},{"page":2,"text":".","rect":[368.6764221191406,455.0,371.436062251091,449.0]},{"page":2,"text":".","rect":[368.71630859375,467.0,371.4759487257004,461.0]},{"page":2,"text":".","rect":[368.7262878417969,477.0,371.48592797374729,473.0]},{"page":2,"text":".","rect":[368.7262878417969,489.0,371.48592797374729,485.0]},{"page":2,"text":".","rect":[368.70635986328127,503.0,371.46599999523166,497.0]},{"page":2,"text":".","rect":[368.70635986328127,513.0,371.46599999523166,509.0]},{"page":2,"text":".","rect":[368.69635009765627,527.0,371.45599022960666,521.0]},{"page":2,"text":".","rect":[368.71630859375,539.0,371.4759487257004,533.0]},{"page":2,"text":".","rect":[368.7262878417969,549.0,371.48592797374729,545.0]},{"page":2,"text":".","rect":[368.7262878417969,561.0,371.48592797374729,557.0]},{"page":2,"text":".","rect":[368.70635986328127,575.0,371.46599999523166,569.0]},{"page":2,"text":".","rect":[368.70635986328127,585.0,371.46599999523166,581.0]},{"page":2,"text":".","rect":[368.6864013671875,619.0,371.4460414991379,615.0]},{"page":2,"text":".","rect":[368.70635986328127,632.0,371.46599999523166,626.0]},{"page":2,"text":".","rect":[368.6664733886719,664.0,371.42611352062229,660.0]},{"page":2,"text":".","rect":[368.706298828125,678.0,371.4659389600754,672.0]},{"page":2,"text":".","rect":[368.6863708496094,690.0,371.44601098155979,684.0]},{"page":2,"text":".","rect":[376.39739990234377,160.0,379.15704003429416,154.0]},{"page":2,"text":".","rect":[376.3973693847656,172.0,379.157009516716,166.0]},{"page":2,"text":".","rect":[376.4671630859375,185.0,379.2268032178879,178.0]},{"page":2,"text":".","rect":[376.3874816894531,216.0,379.1471218214035,212.0]},{"page":2,"text":".","rect":[376.3974914550781,230.0,379.1571315870285,224.0]},{"page":2,"text":".","rect":[376.4174499511719,240.0,379.17709008312229,236.0]},{"page":2,"text":".","rect":[376.407470703125,252.0,379.1671108350754,248.0]},{"page":2,"text":".","rect":[376.4074401855469,264.0,379.16708031749729,260.0]},{"page":2,"text":".","rect":[376.41741943359377,276.0,379.17705956554416,272.0]},{"page":2,"text":".","rect":[376.41741943359377,290.0,379.17705956554416,283.0]},{"page":2,"text":".","rect":[376.4273376464844,302.0,379.18697777843479,296.0]},{"page":2,"text":".","rect":[376.4074401855469,312.0,379.16708031749729,308.0]},{"page":2,"text":".","rect":[376.4074401855469,325.0,379.16708031749729,320.0]},{"page":2,"text":".","rect":[376.43731689453127,336.0,379.19695702648166,331.0]},{"page":2,"text":".","rect":[376.4472961425781,350.0,379.2069362745285,343.0]},{"page":2,"text":".","rect":[376.4173889160156,360.0,379.177029047966,355.0]},{"page":2,"text":".","rect":[376.4273681640625,372.0,379.1870082960129,367.0]},{"page":2,"text":".","rect":[376.4273681640625,384.0,379.1870082960129,379.0]},{"page":2,"text":".","rect":[376.43731689453127,395.0,379.19695702648166,391.0]},{"page":2,"text":".","rect":[376.43731689453127,409.0,379.19695702648166,403.0]},{"page":2,"text":".","rect":[376.40740966796877,441.0,379.16704979991916,437.0]},{"page":2,"text":".","rect":[376.40740966796877,455.0,379.16704979991916,449.0]},{"page":2,"text":".","rect":[376.4472961425781,467.0,379.2069362745285,461.0]},{"page":2,"text":".","rect":[376.46722412109377,477.0,379.22686425304416,473.0]},{"page":2,"text":".","rect":[376.46722412109377,489.0,379.22686425304416,485.0]},{"page":2,"text":".","rect":[376.4472961425781,503.0,379.2069362745285,497.0]},{"page":2,"text":".","rect":[376.4472961425781,513.0,379.2069362745285,509.0]},{"page":2,"text":".","rect":[376.4372863769531,527.0,379.1969265089035,521.0]},{"page":2,"text":".","rect":[376.4472961425781,539.0,379.2069362745285,533.0]},{"page":2,"text":".","rect":[376.46722412109377,549.0,379.22686425304416,545.0]},{"page":2,"text":".","rect":[376.46722412109377,561.0,379.22686425304416,557.0]},{"page":2,"text":".","rect":[376.4472961425781,575.0,379.2069362745285,569.0]},{"page":2,"text":".","rect":[376.4472961425781,585.0,379.2069362745285,581.0]},{"page":2,"text":".","rect":[376.4273376464844,619.0,379.18697777843479,615.0]},{"page":2,"text":".","rect":[376.4472961425781,632.0,379.2069362745285,626.0]},{"page":2,"text":".","rect":[376.40740966796877,664.0,379.16704979991916,660.0]},{"page":2,"text":".","rect":[376.4472351074219,678.0,379.20687523937229,672.0]},{"page":2,"text":".","rect":[376.4173583984375,690.0,379.1769985303879,684.0]},{"page":2,"text":".","rect":[384.1383361816406,160.0,386.897976313591,154.0]},{"page":2,"text":".","rect":[384.1383056640625,172.0,386.8979457960129,166.0]},{"page":2,"text":".","rect":[384.2080993652344,185.0,386.96773949718479,178.0]},{"page":2,"text":".","rect":[384.12841796875,216.0,386.8880581007004,212.0]},{"page":2,"text":".","rect":[384.138427734375,230.0,386.8980678663254,224.0]},{"page":2,"text":".","rect":[384.15838623046877,240.0,386.91802636241916,236.0]},{"page":2,"text":".","rect":[384.1484069824219,252.0,386.90804711437229,248.0]},{"page":2,"text":".","rect":[384.14837646484377,264.0,386.90801659679416,260.0]},{"page":2,"text":".","rect":[384.1583557128906,276.0,386.917995844841,272.0]},{"page":2,"text":".","rect":[384.1583557128906,290.0,386.917995844841,283.0]},{"page":2,"text":".","rect":[384.16827392578127,302.0,386.92791405773166,296.0]},{"page":2,"text":".","rect":[384.14837646484377,312.0,386.90801659679416,308.0]},{"page":2,"text":".","rect":[384.14837646484377,325.0,386.90801659679416,320.0]},{"page":2,"text":".","rect":[384.1782531738281,336.0,386.9378933057785,331.0]},{"page":2,"text":".","rect":[384.188232421875,350.0,386.9478725538254,343.0]},{"page":2,"text":".","rect":[384.1583251953125,360.0,386.9179653272629,355.0]},{"page":2,"text":".","rect":[384.1683044433594,372.0,386.92794457530979,367.0]},{"page":2,"text":".","rect":[384.1683044433594,384.0,386.92794457530979,379.0]},{"page":2,"text":".","rect":[384.1782531738281,395.0,386.9378933057785,391.0]},{"page":2,"text":".","rect":[384.1782531738281,409.0,386.9378933057785,403.0]},{"page":2,"text":".","rect":[384.1483459472656,441.0,386.907986079216,437.0]},{"page":2,"text":".","rect":[384.1483459472656,455.0,386.907986079216,449.0]},{"page":2,"text":".","rect":[384.188232421875,467.0,386.9478725538254,461.0]},{"page":2,"text":".","rect":[384.2081604003906,477.0,386.967800532341,473.0]},{"page":2,"text":".","rect":[384.2081604003906,489.0,386.967800532341,485.0]},{"page":2,"text":".","rect":[384.188232421875,503.0,386.9478725538254,497.0]},{"page":2,"text":".","rect":[384.188232421875,513.0,386.9478725538254,509.0]},{"page":2,"text":".","rect":[384.17822265625,527.0,386.9378627882004,521.0]},{"page":2,"text":".","rect":[384.188232421875,539.0,386.9478725538254,533.0]},{"page":2,"text":".","rect":[384.2081604003906,549.0,386.967800532341,545.0]},{"page":2,"text":".","rect":[384.2081604003906,561.0,386.967800532341,557.0]},{"page":2,"text":".","rect":[384.188232421875,575.0,386.9478725538254,569.0]},{"page":2,"text":".","rect":[384.188232421875,585.0,386.9478725538254,581.0]},{"page":2,"text":".","rect":[384.16827392578127,619.0,386.92791405773166,615.0]},{"page":2,"text":".","rect":[384.188232421875,632.0,386.9478725538254,626.0]},{"page":2,"text":".","rect":[384.1483459472656,664.0,386.907986079216,660.0]},{"page":2,"text":".","rect":[384.18817138671877,678.0,386.94781151866916,672.0]},{"page":2,"text":".","rect":[384.1582946777344,690.0,386.91793480968479,684.0]},{"page":2,"text":".","rect":[391.8792724609375,160.0,394.6389125928879,154.0]},{"page":2,"text":".","rect":[391.8792419433594,172.0,394.63888207530979,166.0]},{"page":2,"text":".","rect":[391.94903564453127,185.0,394.70867577648166,178.0]},{"page":2,"text":".","rect":[391.8693542480469,216.0,394.62899437999729,212.0]},{"page":2,"text":".","rect":[391.8793640136719,230.0,394.63900414562229,224.0]},{"page":2,"text":".","rect":[391.8993225097656,240.0,394.658962641716,236.0]},{"page":2,"text":".","rect":[391.88934326171877,252.0,394.64898339366916,248.0]},{"page":2,"text":".","rect":[391.8893127441406,264.0,394.648952876091,260.0]},{"page":2,"text":".","rect":[391.8992919921875,276.0,394.6589321241379,272.0]},{"page":2,"text":".","rect":[391.8992919921875,290.0,394.6589321241379,283.0]},{"page":2,"text":".","rect":[391.9092102050781,302.0,394.6688503370285,296.0]},{"page":2,"text":".","rect":[391.8893127441406,312.0,394.648952876091,308.0]},{"page":2,"text":".","rect":[391.8893127441406,325.0,394.648952876091,320.0]},{"page":2,"text":".","rect":[391.919189453125,336.0,394.6788295850754,331.0]},{"page":2,"text":".","rect":[391.9291687011719,350.0,394.68880883312229,343.0]},{"page":2,"text":".","rect":[391.8992614746094,360.0,394.65890160655979,355.0]},{"page":2,"text":".","rect":[391.90924072265627,372.0,394.66888085460666,367.0]},{"page":2,"text":".","rect":[391.90924072265627,384.0,394.66888085460666,379.0]},{"page":2,"text":".","rect":[391.919189453125,395.0,394.6788295850754,391.0]},{"page":2,"text":".","rect":[391.919189453125,409.0,394.6788295850754,403.0]},{"page":2,"text":".","rect":[391.8892822265625,441.0,394.6489223585129,437.0]},{"page":2,"text":".","rect":[391.8892822265625,455.0,394.6489223585129,449.0]},{"page":2,"text":".","rect":[391.9291687011719,467.0,394.68880883312229,461.0]},{"page":2,"text":".","rect":[391.9490966796875,477.0,394.7087368116379,473.0]},{"page":2,"text":".","rect":[391.9490966796875,489.0,394.7087368116379,485.0]},{"page":2,"text":".","rect":[391.9291687011719,503.0,394.68880883312229,497.0]},{"page":2,"text":".","rect":[391.9291687011719,513.0,394.68880883312229,509.0]},{"page":2,"text":".","rect":[391.9191589355469,527.0,394.67879906749729,521.0]},{"page":2,"text":".","rect":[391.9291687011719,539.0,394.68880883312229,533.0]},{"page":2,"text":".","rect":[391.9490966796875,549.0,394.7087368116379,545.0]},{"page":2,"text":".","rect":[391.9490966796875,561.0,394.7087368116379,557.0]},{"page":2,"text":".","rect":[391.9291687011719,575.0,394.68880883312229,569.0]},{"page":2,"text":".","rect":[391.9291687011719,585.0,394.68880883312229,581.0]},{"page":2,"text":".","rect":[391.9092102050781,619.0,394.6688503370285,615.0]},{"page":2,"text":".","rect":[391.9291687011719,632.0,394.68880883312229,626.0]},{"page":2,"text":".","rect":[391.8892822265625,664.0,394.6489223585129,660.0]},{"page":2,"text":".","rect":[391.9291076660156,678.0,394.688747797966,672.0]},{"page":2,"text":".","rect":[391.89923095703127,690.0,394.65887108898166,684.0]},{"page":2,"text":".","rect":[399.6202087402344,160.0,402.37984887218479,154.0]},{"page":2,"text":".","rect":[399.62017822265627,172.0,402.37981835460666,166.0]},{"page":2,"text":".","rect":[399.6899719238281,185.0,402.4496120557785,178.0]},{"page":2,"text":".","rect":[399.61029052734377,216.0,402.36993065929416,212.0]},{"page":2,"text":".","rect":[399.62030029296877,230.0,402.37994042491916,224.0]},{"page":2,"text":".","rect":[399.6402587890625,240.0,402.3998989210129,236.0]},{"page":2,"text":".","rect":[399.6302795410156,252.0,402.389919672966,248.0]},{"page":2,"text":".","rect":[399.6302490234375,264.0,402.3898891553879,260.0]},{"page":2,"text":".","rect":[399.6402282714844,276.0,402.39986840343479,272.0]},{"page":2,"text":".","rect":[399.6402282714844,290.0,402.39986840343479,283.0]},{"page":2,"text":".","rect":[399.650146484375,302.0,402.4097866163254,296.0]},{"page":2,"text":".","rect":[399.6302490234375,312.0,402.3898891553879,308.0]},{"page":2,"text":".","rect":[399.6302490234375,325.0,402.3898891553879,320.0]},{"page":2,"text":".","rect":[399.6601257324219,336.0,402.41976586437229,331.0]},{"page":2,"text":".","rect":[399.67010498046877,350.0,402.42974511241916,343.0]},{"page":2,"text":".","rect":[399.64019775390627,360.0,402.39983788585666,355.0]},{"page":2,"text":".","rect":[399.6501770019531,372.0,402.4098171339035,367.0]},{"page":2,"text":".","rect":[399.6501770019531,384.0,402.4098171339035,379.0]},{"page":2,"text":".","rect":[399.6601257324219,395.0,402.41976586437229,391.0]},{"page":2,"text":".","rect":[399.6601257324219,409.0,402.41976586437229,403.0]},{"page":2,"text":".","rect":[399.6202697753906,441.0,402.379909907341,437.0]},{"page":2,"text":".","rect":[399.6302185058594,455.0,402.38985863780979,449.0]},{"page":2,"text":".","rect":[399.67010498046877,467.0,402.42974511241916,461.0]},{"page":2,"text":".","rect":[399.6800842285156,477.0,402.439724360466,473.0]},{"page":2,"text":".","rect":[399.6800842285156,489.0,402.439724360466,485.0]},{"page":2,"text":".","rect":[399.67010498046877,503.0,402.42974511241916,497.0]},{"page":2,"text":".","rect":[399.66015625,513.0,402.4197963819504,509.0]},{"page":2,"text":".","rect":[399.650146484375,527.0,402.4097866163254,521.0]},{"page":2,"text":".","rect":[399.67010498046877,539.0,402.42974511241916,533.0]},{"page":2,"text":".","rect":[399.6800842285156,549.0,402.439724360466,545.0]},{"page":2,"text":".","rect":[399.6800842285156,561.0,402.439724360466,557.0]},{"page":2,"text":".","rect":[399.67010498046877,575.0,402.42974511241916,569.0]},{"page":2,"text":".","rect":[399.66015625,585.0,402.4197963819504,581.0]},{"page":2,"text":".","rect":[399.64019775390627,619.0,402.39983788585666,615.0]},{"page":2,"text":".","rect":[399.67010498046877,632.0,402.42974511241916,626.0]},{"page":2,"text":".","rect":[399.6202697753906,664.0,402.379909907341,660.0]},{"page":2,"text":".","rect":[399.6700439453125,678.0,402.4296840772629,672.0]},{"page":2,"text":".","rect":[399.6401672363281,690.0,402.3998073682785,684.0]},{"page":2,"text":".","rect":[407.36114501953127,160.0,410.12078515148166,154.0]},{"page":2,"text":".","rect":[407.3611145019531,172.0,410.1207546339035,166.0]},{"page":2,"text":".","rect":[407.430908203125,185.0,410.1905483350754,178.0]},{"page":2,"text":".","rect":[407.3512268066406,216.0,410.110866938591,212.0]},{"page":2,"text":".","rect":[407.3612365722656,230.0,410.120876704216,224.0]},{"page":2,"text":".","rect":[407.3811950683594,240.0,410.14083520030979,236.0]},{"page":2,"text":".","rect":[407.3712158203125,252.0,410.1308559522629,248.0]},{"page":2,"text":".","rect":[407.3711853027344,264.0,410.13082543468479,260.0]},{"page":2,"text":".","rect":[407.38116455078127,276.0,410.14080468273166,272.0]},{"page":2,"text":".","rect":[407.38116455078127,290.0,410.14080468273166,283.0]},{"page":2,"text":".","rect":[407.3910827636719,302.0,410.15072289562229,296.0]},{"page":2,"text":".","rect":[407.3711853027344,312.0,410.13082543468479,308.0]},{"page":2,"text":".","rect":[407.3711853027344,325.0,410.13082543468479,320.0]},{"page":2,"text":".","rect":[407.40106201171877,336.0,410.16070214366916,331.0]},{"page":2,"text":".","rect":[407.4110412597656,350.0,410.170681391716,343.0]},{"page":2,"text":".","rect":[407.3811340332031,360.0,410.1407741651535,355.0]},{"page":2,"text":".","rect":[407.39111328125,372.0,410.1507534132004,367.0]},{"page":2,"text":".","rect":[407.39111328125,384.0,410.1507534132004,379.0]},{"page":2,"text":".","rect":[407.40106201171877,395.0,410.16070214366916,391.0]},{"page":2,"text":".","rect":[407.40106201171877,409.0,410.16070214366916,403.0]},{"page":2,"text":".","rect":[407.3612060546875,441.0,410.1208461866379,437.0]},{"page":2,"text":".","rect":[407.37115478515627,455.0,410.13079491710666,449.0]},{"page":2,"text":".","rect":[407.4110412597656,467.0,410.170681391716,461.0]},{"page":2,"text":".","rect":[407.4210205078125,477.0,410.1806606397629,473.0]},{"page":2,"text":".","rect":[407.4210205078125,489.0,410.1806606397629,485.0]},{"page":2,"text":".","rect":[407.4110412597656,503.0,410.170681391716,497.0]},{"page":2,"text":".","rect":[407.4010925292969,513.0,410.16073266124729,509.0]},{"page":2,"text":".","rect":[407.3910827636719,527.0,410.15072289562229,521.0]},{"page":2,"text":".","rect":[407.4110412597656,539.0,410.170681391716,533.0]},{"page":2,"text":".","rect":[407.4210205078125,549.0,410.1806606397629,545.0]},{"page":2,"text":".","rect":[407.4210205078125,561.0,410.1806606397629,557.0]},{"page":2,"text":".","rect":[407.4110412597656,575.0,410.170681391716,569.0]},{"page":2,"text":".","rect":[407.4010925292969,585.0,410.16073266124729,581.0]},{"page":2,"text":".","rect":[407.3811340332031,619.0,410.1407741651535,615.0]},{"page":2,"text":".","rect":[407.4110412597656,632.0,410.170681391716,626.0]},{"page":2,"text":".","rect":[407.3612060546875,664.0,410.1208461866379,660.0]},{"page":2,"text":".","rect":[407.4109802246094,678.0,410.17062035655979,672.0]},{"page":2,"text":".","rect":[407.381103515625,690.0,410.1407436475754,684.0]},{"page":2,"text":".","rect":[415.1020812988281,160.0,417.8617214307785,154.0]},{"page":2,"text":".","rect":[415.10205078125,172.0,417.8616909132004,166.0]},{"page":2,"text":".","rect":[415.1718444824219,185.0,417.93148461437229,178.0]},{"page":2,"text":".","rect":[415.0921630859375,216.0,417.8518032178879,212.0]},{"page":2,"text":".","rect":[415.1021728515625,230.0,417.8618129835129,224.0]},{"page":2,"text":".","rect":[415.12213134765627,240.0,417.88177147960666,236.0]},{"page":2,"text":".","rect":[415.1121520996094,252.0,417.87179223155979,248.0]},{"page":2,"text":".","rect":[415.11212158203127,264.0,417.87176171398166,260.0]},{"page":2,"text":".","rect":[415.1221008300781,276.0,417.8817409620285,272.0]},{"page":2,"text":".","rect":[415.1221008300781,290.0,417.8817409620285,283.0]},{"page":2,"text":".","rect":[415.13201904296877,302.0,417.89165917491916,296.0]},{"page":2,"text":".","rect":[415.11212158203127,312.0,417.87176171398166,308.0]},{"page":2,"text":".","rect":[415.11212158203127,325.0,417.87176171398166,320.0]},{"page":2,"text":".","rect":[415.1419982910156,336.0,417.901638422966,331.0]},{"page":2,"text":".","rect":[415.1519775390625,350.0,417.9116176710129,343.0]},{"page":2,"text":".","rect":[415.1220703125,360.0,417.8817104444504,355.0]},{"page":2,"text":".","rect":[415.1320495605469,372.0,417.89168969249729,367.0]},{"page":2,"text":".","rect":[415.1320495605469,384.0,417.89168969249729,379.0]},{"page":2,"text":".","rect":[415.1419982910156,395.0,417.901638422966,391.0]},{"page":2,"text":".","rect":[415.1419982910156,409.0,417.901638422966,403.0]},{"page":2,"text":".","rect":[415.1021423339844,441.0,417.86178246593479,437.0]},{"page":2,"text":".","rect":[415.1120910644531,455.0,417.8717311964035,449.0]},{"page":2,"text":".","rect":[415.1519775390625,467.0,417.9116176710129,461.0]},{"page":2,"text":".","rect":[415.1619567871094,477.0,417.92159691905979,473.0]},{"page":2,"text":".","rect":[415.1619567871094,489.0,417.92159691905979,485.0]},{"page":2,"text":".","rect":[415.1519775390625,503.0,417.9116176710129,497.0]},{"page":2,"text":".","rect":[415.14202880859377,513.0,417.90166894054416,509.0]},{"page":2,"text":".","rect":[415.13201904296877,527.0,417.89165917491916,521.0]},{"page":2,"text":".","rect":[415.1519775390625,539.0,417.9116176710129,533.0]},{"page":2,"text":".","rect":[415.1619567871094,549.0,417.92159691905979,545.0]},{"page":2,"text":".","rect":[415.1619567871094,561.0,417.92159691905979,557.0]},{"page":2,"text":".","rect":[415.1519775390625,575.0,417.9116176710129,569.0]},{"page":2,"text":".","rect":[415.14202880859377,585.0,417.90166894054416,581.0]},{"page":2,"text":".","rect":[415.1220703125,619.0,417.8817104444504,615.0]},{"page":2,"text":".","rect":[415.1519775390625,632.0,417.9116176710129,626.0]},{"page":2,"text":".","rect":[415.1021423339844,664.0,417.86178246593479,660.0]},{"page":2,"text":".","rect":[415.15191650390627,678.0,417.91155663585666,672.0]},{"page":2,"text":".","rect":[415.1220397949219,690.0,417.88167992687229,684.0]},{"page":2,"text":".","rect":[422.843017578125,160.0,425.6026577100754,154.0]},{"page":2,"text":".","rect":[422.8429870605469,172.0,425.60262719249729,166.0]},{"page":2,"text":".","rect":[422.91278076171877,185.0,425.67242089366916,178.0]},{"page":2,"text":".","rect":[422.8330993652344,216.0,425.59273949718479,212.0]},{"page":2,"text":".","rect":[422.8431091308594,230.0,425.60274926280979,224.0]},{"page":2,"text":".","rect":[422.8630676269531,240.0,425.6227077589035,236.0]},{"page":2,"text":".","rect":[422.85308837890627,252.0,425.61272851085666,248.0]},{"page":2,"text":".","rect":[422.8530578613281,264.0,425.6126979932785,260.0]},{"page":2,"text":".","rect":[422.863037109375,276.0,425.6226772413254,272.0]},{"page":2,"text":".","rect":[422.863037109375,290.0,425.6226772413254,283.0]},{"page":2,"text":".","rect":[422.8729553222656,302.0,425.632595454216,296.0]},{"page":2,"text":".","rect":[422.8530578613281,312.0,425.6126979932785,308.0]},{"page":2,"text":".","rect":[422.8530578613281,325.0,425.6126979932785,320.0]},{"page":2,"text":".","rect":[422.87298583984377,336.0,425.63262597179416,331.0]},{"page":2,"text":".","rect":[422.8929138183594,350.0,425.65255395030979,343.0]},{"page":2,"text":".","rect":[422.8630065917969,360.0,425.62264672374729,355.0]},{"page":2,"text":".","rect":[422.87298583984377,372.0,425.63262597179416,367.0]},{"page":2,"text":".","rect":[422.87298583984377,384.0,425.63262597179416,379.0]},{"page":2,"text":".","rect":[422.8829345703125,395.0,425.6425747022629,391.0]},{"page":2,"text":".","rect":[422.8829345703125,409.0,425.6425747022629,403.0]},{"page":2,"text":".","rect":[422.84307861328127,441.0,425.60271874523166,437.0]},{"page":2,"text":".","rect":[422.85302734375,455.0,425.6126674757004,449.0]},{"page":2,"text":".","rect":[422.8929138183594,467.0,425.65255395030979,461.0]},{"page":2,"text":".","rect":[422.90289306640627,477.0,425.66253319835666,473.0]},{"page":2,"text":".","rect":[422.90289306640627,489.0,425.66253319835666,485.0]},{"page":2,"text":".","rect":[422.8929138183594,503.0,425.65255395030979,497.0]},{"page":2,"text":".","rect":[422.8829650878906,513.0,425.642605219841,509.0]},{"page":2,"text":".","rect":[422.8729553222656,527.0,425.632595454216,521.0]},{"page":2,"text":".","rect":[422.8929138183594,539.0,425.65255395030979,533.0]},{"page":2,"text":".","rect":[422.90289306640627,549.0,425.66253319835666,545.0]},{"page":2,"text":".","rect":[422.90289306640627,561.0,425.66253319835666,557.0]},{"page":2,"text":".","rect":[422.8929138183594,575.0,425.65255395030979,569.0]},{"page":2,"text":".","rect":[422.8829650878906,585.0,425.642605219841,581.0]},{"page":2,"text":".","rect":[422.8630065917969,619.0,425.62264672374729,615.0]},{"page":2,"text":".","rect":[422.8829650878906,632.0,425.642605219841,626.0]},{"page":2,"text":".","rect":[422.84307861328127,664.0,425.60271874523166,660.0]},{"page":2,"text":".","rect":[422.8928527832031,678.0,425.6524929151535,672.0]},{"page":2,"text":".","rect":[422.86297607421877,690.0,425.62261620616916,684.0]},{"page":2,"text":".","rect":[430.5839538574219,160.0,433.34359398937229,154.0]},{"page":2,"text":".","rect":[430.58392333984377,172.0,433.34356347179416,166.0]},{"page":2,"text":".","rect":[430.6537170410156,185.0,433.413357172966,178.0]},{"page":2,"text":".","rect":[430.57403564453127,216.0,433.33367577648166,212.0]},{"page":2,"text":".","rect":[430.58404541015627,230.0,433.34368554210666,224.0]},{"page":2,"text":".","rect":[430.60400390625,240.0,433.3636440382004,236.0]},{"page":2,"text":".","rect":[430.5940246582031,252.0,433.3536647901535,248.0]},{"page":2,"text":".","rect":[430.593994140625,264.0,433.3536342725754,260.0]},{"page":2,"text":".","rect":[430.6039733886719,276.0,433.36361352062229,272.0]},{"page":2,"text":".","rect":[430.6039733886719,290.0,433.36361352062229,283.0]},{"page":2,"text":".","rect":[430.6138916015625,302.0,433.3735317335129,296.0]},{"page":2,"text":".","rect":[430.593994140625,312.0,433.3536342725754,308.0]},{"page":2,"text":".","rect":[430.593994140625,325.0,433.3536342725754,320.0]},{"page":2,"text":".","rect":[430.6139221191406,336.0,433.373562251091,331.0]},{"page":2,"text":".","rect":[430.63385009765627,350.0,433.39349022960666,343.0]},{"page":2,"text":".","rect":[430.60394287109377,360.0,433.36358300304416,355.0]},{"page":2,"text":".","rect":[430.6139221191406,372.0,433.373562251091,367.0]},{"page":2,"text":".","rect":[430.6139221191406,384.0,433.373562251091,379.0]},{"page":2,"text":".","rect":[430.6238708496094,395.0,433.38351098155979,391.0]},{"page":2,"text":".","rect":[430.6238708496094,409.0,433.38351098155979,403.0]},{"page":2,"text":".","rect":[430.5840148925781,441.0,433.3436550245285,437.0]},{"page":2,"text":".","rect":[430.5939636230469,455.0,433.35360375499729,449.0]},{"page":2,"text":".","rect":[430.63385009765627,467.0,433.39349022960666,461.0]},{"page":2,"text":".","rect":[430.6438293457031,477.0,433.4034694776535,473.0]},{"page":2,"text":".","rect":[430.6438293457031,489.0,433.4034694776535,485.0]},{"page":2,"text":".","rect":[430.63385009765627,503.0,433.39349022960666,497.0]},{"page":2,"text":".","rect":[430.6239013671875,513.0,433.3835414991379,509.0]},{"page":2,"text":".","rect":[430.6138916015625,527.0,433.3735317335129,521.0]},{"page":2,"text":".","rect":[430.63385009765627,539.0,433.39349022960666,533.0]},{"page":2,"text":".","rect":[430.6438293457031,549.0,433.4034694776535,545.0]},{"page":2,"text":".","rect":[430.6438293457031,561.0,433.4034694776535,557.0]},{"page":2,"text":".","rect":[430.63385009765627,575.0,433.39349022960666,569.0]},{"page":2,"text":".","rect":[430.6239013671875,585.0,433.3835414991379,581.0]},{"page":2,"text":".","rect":[430.60394287109377,619.0,433.36358300304416,615.0]},{"page":2,"text":".","rect":[430.6239013671875,632.0,433.3835414991379,626.0]},{"page":2,"text":".","rect":[430.5840148925781,664.0,433.3436550245285,660.0]},{"page":2,"text":".","rect":[430.6337890625,678.0,433.3934291944504,672.0]},{"page":2,"text":".","rect":[430.6039123535156,690.0,433.363552485466,684.0]},{"page":2,"text":".","rect":[438.32489013671877,160.0,441.08453026866916,154.0]},{"page":2,"text":".","rect":[438.3248596191406,172.0,441.084499751091,166.0]},{"page":2,"text":".","rect":[438.3946533203125,185.0,441.1542934522629,178.0]},{"page":2,"text":".","rect":[438.3149719238281,216.0,441.0746120557785,212.0]},{"page":2,"text":".","rect":[438.3249816894531,230.0,441.0846218214035,224.0]},{"page":2,"text":".","rect":[438.3449401855469,240.0,441.10458031749729,236.0]},{"page":2,"text":".","rect":[438.3349609375,252.0,441.0946010694504,248.0]},{"page":2,"text":".","rect":[438.3349304199219,264.0,441.09457055187229,260.0]},{"page":2,"text":".","rect":[438.34490966796877,276.0,441.10454979991916,272.0]},{"page":2,"text":".","rect":[438.34490966796877,290.0,441.10454979991916,283.0]},{"page":2,"text":".","rect":[438.3548278808594,302.0,441.11446801280979,296.0]},{"page":2,"text":".","rect":[438.3349304199219,312.0,441.09457055187229,308.0]},{"page":2,"text":".","rect":[438.3349304199219,325.0,441.09457055187229,320.0]},{"page":2,"text":".","rect":[438.3548583984375,336.0,441.1144985303879,331.0]},{"page":2,"text":".","rect":[438.3747863769531,350.0,441.1344265089035,343.0]},{"page":2,"text":".","rect":[438.3448791503906,360.0,441.104519282341,355.0]},{"page":2,"text":".","rect":[438.3548583984375,372.0,441.1144985303879,367.0]},{"page":2,"text":".","rect":[438.3548583984375,384.0,441.1144985303879,379.0]},{"page":2,"text":".","rect":[438.36480712890627,395.0,441.12444726085666,391.0]},{"page":2,"text":".","rect":[438.36480712890627,409.0,441.12444726085666,403.0]},{"page":2,"text":".","rect":[438.324951171875,441.0,441.0845913038254,437.0]},{"page":2,"text":".","rect":[438.33489990234377,455.0,441.09454003429416,449.0]},{"page":2,"text":".","rect":[438.3747863769531,467.0,441.1344265089035,461.0]},{"page":2,"text":".","rect":[438.384765625,477.0,441.1444057569504,473.0]},{"page":2,"text":".","rect":[438.384765625,489.0,441.1444057569504,485.0]},{"page":2,"text":".","rect":[438.3747863769531,503.0,441.1344265089035,497.0]},{"page":2,"text":".","rect":[438.3648376464844,513.0,441.12447777843479,509.0]},{"page":2,"text":".","rect":[438.3548278808594,527.0,441.11446801280979,521.0]},{"page":2,"text":".","rect":[438.3747863769531,539.0,441.1344265089035,533.0]},{"page":2,"text":".","rect":[438.384765625,549.0,441.1444057569504,545.0]},{"page":2,"text":".","rect":[438.384765625,561.0,441.1444057569504,557.0]},{"page":2,"text":".","rect":[438.3747863769531,575.0,441.1344265089035,569.0]},{"page":2,"text":".","rect":[438.3648376464844,585.0,441.12447777843479,581.0]},{"page":2,"text":".","rect":[438.3448791503906,619.0,441.104519282341,615.0]},{"page":2,"text":".","rect":[438.3648376464844,632.0,441.12447777843479,626.0]},{"page":2,"text":".","rect":[438.324951171875,664.0,441.0845913038254,660.0]},{"page":2,"text":".","rect":[438.3647766113281,678.0,441.1244167432785,672.0]},{"page":2,"text":".","rect":[438.3448486328125,690.0,441.1044887647629,684.0]},{"page":2,"text":".","rect":[446.0658264160156,160.0,448.825466547966,154.0]},{"page":2,"text":".","rect":[446.0657958984375,172.0,448.8254360303879,166.0]},{"page":2,"text":".","rect":[446.1355895996094,185.0,448.89522973155979,178.0]},{"page":2,"text":".","rect":[446.055908203125,216.0,448.8155483350754,212.0]},{"page":2,"text":".","rect":[446.06591796875,230.0,448.8255581007004,224.0]},{"page":2,"text":".","rect":[446.08587646484377,240.0,448.84551659679416,236.0]},{"page":2,"text":".","rect":[446.0758972167969,252.0,448.83553734874729,248.0]},{"page":2,"text":".","rect":[446.07586669921877,264.0,448.83550683116916,260.0]},{"page":2,"text":".","rect":[446.0758972167969,276.0,448.83553734874729,272.0]},{"page":2,"text":".","rect":[446.0858459472656,290.0,448.845486079216,283.0]},{"page":2,"text":".","rect":[446.09576416015627,302.0,448.85540429210666,296.0]},{"page":2,"text":".","rect":[446.07586669921877,312.0,448.83550683116916,308.0]},{"page":2,"text":".","rect":[446.07586669921877,325.0,448.83550683116916,320.0]},{"page":2,"text":".","rect":[446.0957946777344,336.0,448.85543480968479,331.0]},{"page":2,"text":".","rect":[446.11572265625,350.0,448.8753627882004,343.0]},{"page":2,"text":".","rect":[446.0858154296875,360.0,448.8454555616379,355.0]},{"page":2,"text":".","rect":[446.0957946777344,372.0,448.85543480968479,367.0]},{"page":2,"text":".","rect":[446.0957946777344,384.0,448.85543480968479,379.0]},{"page":2,"text":".","rect":[446.1057434082031,395.0,448.8653835401535,391.0]},{"page":2,"text":".","rect":[446.1057434082031,409.0,448.8653835401535,403.0]},{"page":2,"text":".","rect":[446.0658874511719,441.0,448.82552758312229,437.0]},{"page":2,"text":".","rect":[446.0758361816406,455.0,448.835476313591,449.0]},{"page":2,"text":".","rect":[446.11572265625,467.0,448.8753627882004,461.0]},{"page":2,"text":".","rect":[446.1257019042969,477.0,448.88534203624729,473.0]},{"page":2,"text":".","rect":[446.1257019042969,489.0,448.88534203624729,485.0]},{"page":2,"text":".","rect":[446.11572265625,503.0,448.8753627882004,497.0]},{"page":2,"text":".","rect":[446.10577392578127,513.0,448.86541405773166,509.0]},{"page":2,"text":".","rect":[446.09576416015627,527.0,448.85540429210666,521.0]},{"page":2,"text":".","rect":[446.11572265625,539.0,448.8753627882004,533.0]},{"page":2,"text":".","rect":[446.1257019042969,549.0,448.88534203624729,545.0]},{"page":2,"text":".","rect":[446.1257019042969,561.0,448.88534203624729,557.0]},{"page":2,"text":".","rect":[446.11572265625,575.0,448.8753627882004,569.0]},{"page":2,"text":".","rect":[446.10577392578127,585.0,448.86541405773166,581.0]},{"page":2,"text":".","rect":[446.0858154296875,619.0,448.8454555616379,615.0]},{"page":2,"text":".","rect":[446.10577392578127,632.0,448.86541405773166,626.0]},{"page":2,"text":".","rect":[446.0658874511719,664.0,448.82552758312229,660.0]},{"page":2,"text":".","rect":[446.105712890625,678.0,448.8653530225754,672.0]},{"page":2,"text":".","rect":[446.0857849121094,690.0,448.84542504405979,684.0]},{"page":2,"text":".","rect":[453.8067626953125,160.0,456.5664028272629,154.0]},{"page":2,"text":".","rect":[453.8067321777344,172.0,456.56637230968479,166.0]},{"page":2,"text":".","rect":[453.87652587890627,185.0,456.63616601085666,178.0]},{"page":2,"text":".","rect":[453.7968444824219,216.0,456.55648461437229,212.0]},{"page":2,"text":".","rect":[453.8068542480469,230.0,456.56649437999729,224.0]},{"page":2,"text":".","rect":[453.8268127441406,240.0,456.586452876091,236.0]},{"page":2,"text":".","rect":[453.81683349609377,252.0,456.57647362804416,248.0]},{"page":2,"text":".","rect":[453.8168029785156,264.0,456.576443110466,260.0]},{"page":2,"text":".","rect":[453.81683349609377,276.0,456.57647362804416,272.0]},{"page":2,"text":".","rect":[453.8267822265625,290.0,456.5864223585129,283.0]},{"page":2,"text":".","rect":[453.8367004394531,302.0,456.5963405714035,296.0]},{"page":2,"text":".","rect":[453.8168029785156,312.0,456.576443110466,308.0]},{"page":2,"text":".","rect":[453.8168029785156,325.0,456.576443110466,320.0]},{"page":2,"text":".","rect":[453.83673095703127,336.0,456.59637108898166,331.0]},{"page":2,"text":".","rect":[453.8566589355469,350.0,456.61629906749729,343.0]},{"page":2,"text":".","rect":[453.8267517089844,360.0,456.58639184093479,355.0]},{"page":2,"text":".","rect":[453.83673095703127,372.0,456.59637108898166,367.0]},{"page":2,"text":".","rect":[453.83673095703127,384.0,456.59637108898166,379.0]},{"page":2,"text":".","rect":[453.8466796875,395.0,456.6063198194504,391.0]},{"page":2,"text":".","rect":[453.8466796875,409.0,456.6063198194504,403.0]},{"page":2,"text":".","rect":[453.80682373046877,441.0,456.56646386241916,437.0]},{"page":2,"text":".","rect":[453.8167724609375,455.0,456.5764125928879,449.0]},{"page":2,"text":".","rect":[453.8566589355469,467.0,456.61629906749729,461.0]},{"page":2,"text":".","rect":[453.86663818359377,477.0,456.62627831554416,473.0]},{"page":2,"text":".","rect":[453.86663818359377,489.0,456.62627831554416,485.0]},{"page":2,"text":".","rect":[453.8566589355469,503.0,456.61629906749729,497.0]},{"page":2,"text":".","rect":[453.8467102050781,513.0,456.6063503370285,509.0]},{"page":2,"text":".","rect":[453.8367004394531,527.0,456.5963405714035,521.0]},{"page":2,"text":".","rect":[453.8566589355469,539.0,456.61629906749729,533.0]},{"page":2,"text":".","rect":[453.86663818359377,549.0,456.62627831554416,545.0]},{"page":2,"text":".","rect":[453.86663818359377,561.0,456.62627831554416,557.0]},{"page":2,"text":".","rect":[453.8566589355469,575.0,456.61629906749729,569.0]},{"page":2,"text":".","rect":[453.8467102050781,585.0,456.6063503370285,581.0]},{"page":2,"text":".","rect":[453.8267517089844,619.0,456.58639184093479,615.0]},{"page":2,"text":".","rect":[453.8467102050781,632.0,456.6063503370285,626.0]},{"page":2,"text":".","rect":[453.80682373046877,664.0,456.56646386241916,660.0]},{"page":2,"text":".","rect":[453.8466491699219,678.0,456.60628930187229,672.0]},{"page":2,"text":".","rect":[453.82672119140627,690.0,456.58636132335666,684.0]},{"page":2,"text":".","rect":[461.5476989746094,160.0,464.30733910655979,154.0]},{"page":2,"text":".","rect":[461.54766845703127,172.0,464.30730858898166,166.0]},{"page":2,"text":".","rect":[461.6174621582031,185.0,464.3771022901535,178.0]},{"page":2,"text":".","rect":[461.53778076171877,216.0,464.29742089366916,212.0]},{"page":2,"text":".","rect":[461.54779052734377,230.0,464.30743065929416,224.0]},{"page":2,"text":".","rect":[461.5677490234375,240.0,464.3273891553879,236.0]},{"page":2,"text":".","rect":[461.5577697753906,252.0,464.317409907341,248.0]},{"page":2,"text":".","rect":[461.5577392578125,264.0,464.3173793897629,260.0]},{"page":2,"text":".","rect":[461.5577697753906,276.0,464.317409907341,272.0]},{"page":2,"text":".","rect":[461.5677185058594,290.0,464.32735863780979,283.0]},{"page":2,"text":".","rect":[461.57763671875,302.0,464.3372768507004,296.0]},{"page":2,"text":".","rect":[461.5577392578125,312.0,464.3173793897629,308.0]},{"page":2,"text":".","rect":[461.5577392578125,325.0,464.3173793897629,320.0]},{"page":2,"text":".","rect":[461.5776672363281,336.0,464.3373073682785,331.0]},{"page":2,"text":".","rect":[461.59759521484377,350.0,464.35723534679416,343.0]},{"page":2,"text":".","rect":[461.56768798828127,360.0,464.32732812023166,355.0]},{"page":2,"text":".","rect":[461.5776672363281,372.0,464.3373073682785,367.0]},{"page":2,"text":".","rect":[461.5776672363281,384.0,464.3373073682785,379.0]},{"page":2,"text":".","rect":[461.5876159667969,395.0,464.34725609874729,391.0]},{"page":2,"text":".","rect":[461.5876159667969,409.0,464.34725609874729,403.0]},{"page":2,"text":".","rect":[461.5477600097656,441.0,464.307400141716,437.0]},{"page":2,"text":".","rect":[461.5577087402344,455.0,464.31734887218479,449.0]},{"page":2,"text":".","rect":[461.59759521484377,467.0,464.35723534679416,461.0]},{"page":2,"text":".","rect":[461.6075744628906,477.0,464.367214594841,473.0]},{"page":2,"text":".","rect":[461.6075744628906,489.0,464.367214594841,485.0]},{"page":2,"text":".","rect":[461.59759521484377,503.0,464.35723534679416,497.0]},{"page":2,"text":".","rect":[461.587646484375,513.0,464.3472866163254,509.0]},{"page":2,"text":".","rect":[461.57763671875,527.0,464.3372768507004,521.0]},{"page":2,"text":".","rect":[461.59759521484377,539.0,464.35723534679416,533.0]},{"page":2,"text":".","rect":[461.6075744628906,549.0,464.367214594841,545.0]},{"page":2,"text":".","rect":[461.6075744628906,561.0,464.367214594841,557.0]},{"page":2,"text":".","rect":[461.59759521484377,575.0,464.35723534679416,569.0]},{"page":2,"text":".","rect":[461.587646484375,585.0,464.3472866163254,581.0]},{"page":2,"text":".","rect":[461.56768798828127,619.0,464.32732812023166,615.0]},{"page":2,"text":".","rect":[461.587646484375,632.0,464.3472866163254,626.0]},{"page":2,"text":".","rect":[461.5477600097656,664.0,464.307400141716,660.0]},{"page":2,"text":".","rect":[461.58758544921877,678.0,464.34722558116916,672.0]},{"page":2,"text":".","rect":[461.5676574707031,690.0,464.3272976026535,684.0]},{"page":2,"text":".","rect":[469.28863525390627,160.0,472.04827538585666,154.0]},{"page":2,"text":".","rect":[469.2786560058594,172.0,472.03829613780979,166.0]},{"page":2,"text":".","rect":[469.3583984375,185.0,472.1180385694504,178.0]},{"page":2,"text":".","rect":[469.2787170410156,216.0,472.038357172966,212.0]},{"page":2,"text":".","rect":[469.2787780761719,230.0,472.03841820812229,224.0]},{"page":2,"text":".","rect":[469.2987365722656,240.0,472.058376704216,236.0]},{"page":2,"text":".","rect":[469.2987060546875,252.0,472.0583461866379,248.0]},{"page":2,"text":".","rect":[469.2986755371094,264.0,472.05831566905979,260.0]},{"page":2,"text":".","rect":[469.2987060546875,276.0,472.0583461866379,272.0]},{"page":2,"text":".","rect":[469.30865478515627,290.0,472.06829491710666,283.0]},{"page":2,"text":".","rect":[469.3185729980469,302.0,472.07821312999729,296.0]},{"page":2,"text":".","rect":[469.2986755371094,312.0,472.05831566905979,308.0]},{"page":2,"text":".","rect":[469.2986755371094,325.0,472.05831566905979,320.0]},{"page":2,"text":".","rect":[469.318603515625,336.0,472.0782436475754,331.0]},{"page":2,"text":".","rect":[469.3385314941406,350.0,472.098171626091,343.0]},{"page":2,"text":".","rect":[469.3086242675781,360.0,472.0682643995285,355.0]},{"page":2,"text":".","rect":[469.318603515625,372.0,472.0782436475754,367.0]},{"page":2,"text":".","rect":[469.318603515625,384.0,472.0782436475754,379.0]},{"page":2,"text":".","rect":[469.32855224609377,395.0,472.08819237804416,391.0]},{"page":2,"text":".","rect":[469.32855224609377,409.0,472.08819237804416,403.0]},{"page":2,"text":".","rect":[469.2886962890625,441.0,472.0483364210129,437.0]},{"page":2,"text":".","rect":[469.29864501953127,455.0,472.05828515148166,449.0]},{"page":2,"text":".","rect":[469.3385314941406,467.0,472.098171626091,461.0]},{"page":2,"text":".","rect":[469.3485107421875,477.0,472.1081508741379,473.0]},{"page":2,"text":".","rect":[469.3485107421875,489.0,472.1081508741379,485.0]},{"page":2,"text":".","rect":[469.3385314941406,503.0,472.098171626091,497.0]},{"page":2,"text":".","rect":[469.3285827636719,513.0,472.08822289562229,509.0]},{"page":2,"text":".","rect":[469.3185729980469,527.0,472.07821312999729,521.0]},{"page":2,"text":".","rect":[469.3385314941406,539.0,472.098171626091,533.0]},{"page":2,"text":".","rect":[469.3485107421875,549.0,472.1081508741379,545.0]},{"page":2,"text":".","rect":[469.3485107421875,561.0,472.1081508741379,557.0]},{"page":2,"text":".","rect":[469.3385314941406,575.0,472.098171626091,569.0]},{"page":2,"text":".","rect":[469.3285827636719,585.0,472.08822289562229,581.0]},{"page":2,"text":".","rect":[469.3086242675781,619.0,472.0682643995285,615.0]},{"page":2,"text":".","rect":[469.3285827636719,632.0,472.08822289562229,626.0]},{"page":2,"text":".","rect":[469.2886962890625,664.0,472.0483364210129,660.0]},{"page":2,"text":".","rect":[469.3285217285156,678.0,472.088161860466,672.0]},{"page":2,"text":".","rect":[469.30859375,690.0,472.0682338819504,684.0]},{"page":2,"text":".","rect":[477.0295715332031,160.0,479.7892116651535,154.0]},{"page":2,"text":".","rect":[477.01959228515627,172.0,479.77923241710666,166.0]},{"page":2,"text":".","rect":[477.0993347167969,185.0,479.85897484874729,178.0]},{"page":2,"text":".","rect":[477.0196533203125,216.0,479.7792934522629,212.0]},{"page":2,"text":".","rect":[477.01971435546877,230.0,479.77935448741916,224.0]},{"page":2,"text":".","rect":[477.0396728515625,240.0,479.7993129835129,236.0]},{"page":2,"text":".","rect":[477.0396423339844,252.0,479.79928246593479,248.0]},{"page":2,"text":".","rect":[477.03961181640627,264.0,479.79925194835666,260.0]},{"page":2,"text":".","rect":[477.0396423339844,276.0,479.79928246593479,272.0]},{"page":2,"text":".","rect":[477.0495910644531,290.0,479.8092311964035,283.0]},{"page":2,"text":".","rect":[477.05950927734377,302.0,479.81914940929416,296.0]},{"page":2,"text":".","rect":[477.03961181640627,312.0,479.79925194835666,308.0]},{"page":2,"text":".","rect":[477.03961181640627,325.0,479.79925194835666,320.0]},{"page":2,"text":".","rect":[477.0595397949219,336.0,479.81917992687229,331.0]},{"page":2,"text":".","rect":[477.0794677734375,350.0,479.8391079053879,343.0]},{"page":2,"text":".","rect":[477.049560546875,360.0,479.8092006788254,355.0]},{"page":2,"text":".","rect":[477.0595397949219,372.0,479.81917992687229,367.0]},{"page":2,"text":".","rect":[477.0595397949219,384.0,479.81917992687229,379.0]},{"page":2,"text":".","rect":[477.0694885253906,395.0,479.829128657341,391.0]},{"page":2,"text":".","rect":[477.0694885253906,409.0,479.829128657341,403.0]},{"page":2,"text":".","rect":[477.0296325683594,441.0,479.78927270030979,437.0]},{"page":2,"text":".","rect":[477.0395812988281,455.0,479.7992214307785,449.0]},{"page":2,"text":".","rect":[477.0794677734375,467.0,479.8391079053879,461.0]},{"page":2,"text":".","rect":[477.0894470214844,477.0,479.84908715343479,473.0]},{"page":2,"text":".","rect":[477.0894470214844,489.0,479.84908715343479,485.0]},{"page":2,"text":".","rect":[477.0794677734375,503.0,479.8391079053879,497.0]},{"page":2,"text":".","rect":[477.06951904296877,513.0,479.82915917491916,509.0]},{"page":2,"text":".","rect":[477.05950927734377,527.0,479.81914940929416,521.0]},{"page":2,"text":".","rect":[477.0794677734375,539.0,479.8391079053879,533.0]},{"page":2,"text":".","rect":[477.0894470214844,549.0,479.84908715343479,545.0]},{"page":2,"text":".","rect":[477.0894470214844,561.0,479.84908715343479,557.0]},{"page":2,"text":".","rect":[477.0794677734375,575.0,479.8391079053879,569.0]},{"page":2,"text":".","rect":[477.06951904296877,585.0,479.82915917491916,581.0]},{"page":2,"text":".","rect":[477.049560546875,619.0,479.8092006788254,615.0]},{"page":2,"text":".","rect":[477.06951904296877,632.0,479.82915917491916,626.0]},{"page":2,"text":".","rect":[477.0296325683594,664.0,479.78927270030979,660.0]},{"page":2,"text":".","rect":[477.0694580078125,678.0,479.8290981397629,672.0]},{"page":2,"text":".","rect":[477.0495300292969,690.0,479.80917016124729,684.0]},{"page":2,"text":".","rect":[484.7705078125,160.0,487.5301479444504,154.0]},{"page":2,"text":".","rect":[484.7605285644531,172.0,487.5201686964035,166.0]},{"page":2,"text":".","rect":[484.84027099609377,185.0,487.59991112804416,178.0]},{"page":2,"text":".","rect":[484.7605895996094,216.0,487.52022973155979,212.0]},{"page":2,"text":".","rect":[484.7606506347656,230.0,487.520290766716,224.0]},{"page":2,"text":".","rect":[484.7806091308594,240.0,487.54024926280979,236.0]},{"page":2,"text":".","rect":[484.78057861328127,252.0,487.54021874523166,248.0]},{"page":2,"text":".","rect":[484.7805480957031,264.0,487.5401882276535,260.0]},{"page":2,"text":".","rect":[484.78057861328127,276.0,487.54021874523166,272.0]},{"page":2,"text":".","rect":[484.79052734375,290.0,487.5501674757004,283.0]},{"page":2,"text":".","rect":[484.8004455566406,302.0,487.560085688591,296.0]},{"page":2,"text":".","rect":[484.7805480957031,312.0,487.5401882276535,308.0]},{"page":2,"text":".","rect":[484.7805480957031,325.0,487.5401882276535,320.0]},{"page":2,"text":".","rect":[484.80047607421877,336.0,487.56011620616916,331.0]},{"page":2,"text":".","rect":[484.8204040527344,350.0,487.58004418468479,343.0]},{"page":2,"text":".","rect":[484.7904968261719,360.0,487.55013695812229,355.0]},{"page":2,"text":".","rect":[484.80047607421877,372.0,487.56011620616916,367.0]},{"page":2,"text":".","rect":[484.80047607421877,384.0,487.56011620616916,379.0]},{"page":2,"text":".","rect":[484.8104248046875,395.0,487.5700649366379,391.0]},{"page":2,"text":".","rect":[484.8104248046875,409.0,487.5700649366379,403.0]},{"page":2,"text":".","rect":[484.77056884765627,441.0,487.53020897960666,437.0]},{"page":2,"text":".","rect":[484.780517578125,455.0,487.5401577100754,449.0]},{"page":2,"text":".","rect":[484.8204040527344,467.0,487.58004418468479,461.0]},{"page":2,"text":".","rect":[484.83038330078127,477.0,487.59002343273166,473.0]},{"page":2,"text":".","rect":[484.83038330078127,489.0,487.59002343273166,485.0]},{"page":2,"text":".","rect":[484.8204040527344,503.0,487.58004418468479,497.0]},{"page":2,"text":".","rect":[484.8104553222656,513.0,487.570095454216,509.0]},{"page":2,"text":".","rect":[484.8004455566406,527.0,487.560085688591,521.0]},{"page":2,"text":".","rect":[484.8204040527344,539.0,487.58004418468479,533.0]},{"page":2,"text":".","rect":[484.83038330078127,549.0,487.59002343273166,545.0]},{"page":2,"text":".","rect":[484.83038330078127,561.0,487.59002343273166,557.0]},{"page":2,"text":".","rect":[484.8204040527344,575.0,487.58004418468479,569.0]},{"page":2,"text":".","rect":[484.8104553222656,585.0,487.570095454216,581.0]},{"page":2,"text":".","rect":[484.7904968261719,619.0,487.55013695812229,615.0]},{"page":2,"text":".","rect":[484.8104553222656,632.0,487.570095454216,626.0]},{"page":2,"text":".","rect":[484.77056884765627,664.0,487.53020897960666,660.0]},{"page":2,"text":".","rect":[484.8103942871094,678.0,487.57003441905979,672.0]},{"page":2,"text":".","rect":[484.79046630859377,690.0,487.55010644054416,684.0]},{"page":2,"text":".","rect":[492.5114440917969,160.0,495.27108422374729,154.0]},{"page":2,"text":".","rect":[492.50146484375,172.0,495.2611049757004,166.0]},{"page":2,"text":".","rect":[492.5812072753906,185.0,495.340847407341,178.0]},{"page":2,"text":".","rect":[492.50152587890627,216.0,495.26116601085666,212.0]},{"page":2,"text":".","rect":[492.5015869140625,230.0,495.2612270460129,224.0]},{"page":2,"text":".","rect":[492.52154541015627,240.0,495.28118554210666,236.0]},{"page":2,"text":".","rect":[492.5215148925781,252.0,495.2811550245285,248.0]},{"page":2,"text":".","rect":[492.521484375,264.0,495.2811245069504,260.0]},{"page":2,"text":".","rect":[492.5215148925781,276.0,495.2811550245285,272.0]},{"page":2,"text":".","rect":[492.5314636230469,290.0,495.29110375499729,283.0]},{"page":2,"text":".","rect":[492.5413818359375,302.0,495.3010219678879,296.0]},{"page":2,"text":".","rect":[492.521484375,312.0,495.2811245069504,308.0]},{"page":2,"text":".","rect":[492.521484375,325.0,495.2811245069504,320.0]},{"page":2,"text":".","rect":[492.5414123535156,336.0,495.301052485466,331.0]},{"page":2,"text":".","rect":[492.56134033203127,350.0,495.32098046398166,343.0]},{"page":2,"text":".","rect":[492.53143310546877,360.0,495.29107323741916,355.0]},{"page":2,"text":".","rect":[492.5314636230469,372.0,495.29110375499729,367.0]},{"page":2,"text":".","rect":[492.5414123535156,384.0,495.301052485466,379.0]},{"page":2,"text":".","rect":[492.5513610839844,395.0,495.31100121593479,391.0]},{"page":2,"text":".","rect":[492.5513610839844,409.0,495.31100121593479,403.0]},{"page":2,"text":".","rect":[492.5115051269531,441.0,495.2711452589035,437.0]},{"page":2,"text":".","rect":[492.5214538574219,455.0,495.28109398937229,449.0]},{"page":2,"text":".","rect":[492.56134033203127,467.0,495.32098046398166,461.0]},{"page":2,"text":".","rect":[492.5713195800781,477.0,495.3309597120285,473.0]},{"page":2,"text":".","rect":[492.5713195800781,489.0,495.3309597120285,485.0]},{"page":2,"text":".","rect":[492.56134033203127,503.0,495.32098046398166,497.0]},{"page":2,"text":".","rect":[492.5513916015625,513.0,495.3110317335129,509.0]},{"page":2,"text":".","rect":[492.5413818359375,527.0,495.3010219678879,521.0]},{"page":2,"text":".","rect":[492.56134033203127,539.0,495.32098046398166,533.0]},{"page":2,"text":".","rect":[492.5713195800781,549.0,495.3309597120285,545.0]},{"page":2,"text":".","rect":[492.5713195800781,561.0,495.3309597120285,557.0]},{"page":2,"text":".","rect":[492.56134033203127,575.0,495.32098046398166,569.0]},{"page":2,"text":".","rect":[492.5513916015625,585.0,495.3110317335129,581.0]},{"page":2,"text":".","rect":[492.53143310546877,619.0,495.29107323741916,615.0]},{"page":2,"text":".","rect":[492.5513916015625,632.0,495.3110317335129,626.0]},{"page":2,"text":".","rect":[492.5115051269531,664.0,495.2711452589035,660.0]},{"page":2,"text":".","rect":[492.55133056640627,678.0,495.31097069835666,672.0]},{"page":2,"text":".","rect":[492.5314025878906,690.0,495.291042719841,684.0]},{"page":2,"text":".","rect":[500.25238037109377,160.0,503.01202050304416,154.0]},{"page":2,"text":".","rect":[500.2424011230469,172.0,503.00204125499729,166.0]},{"page":2,"text":".","rect":[500.3221435546875,185.0,503.0817836866379,178.0]},{"page":2,"text":".","rect":[500.2424621582031,216.0,503.0021022901535,212.0]},{"page":2,"text":".","rect":[500.2425231933594,230.0,503.00216332530979,224.0]},{"page":2,"text":".","rect":[500.2624816894531,240.0,503.0221218214035,236.0]},{"page":2,"text":".","rect":[500.262451171875,252.0,503.0220913038254,248.0]},{"page":2,"text":".","rect":[500.2624206542969,264.0,503.02206078624729,260.0]},{"page":2,"text":".","rect":[500.262451171875,276.0,503.0220913038254,272.0]},{"page":2,"text":".","rect":[500.27239990234377,290.0,503.03204003429416,283.0]},{"page":2,"text":".","rect":[500.2823181152344,302.0,503.04195824718479,296.0]},{"page":2,"text":".","rect":[500.2624206542969,312.0,503.02206078624729,308.0]},{"page":2,"text":".","rect":[500.2624206542969,325.0,503.02206078624729,320.0]},{"page":2,"text":".","rect":[500.2823486328125,336.0,503.0419887647629,331.0]},{"page":2,"text":".","rect":[500.3022766113281,350.0,503.0619167432785,343.0]},{"page":2,"text":".","rect":[500.2723693847656,360.0,503.032009516716,355.0]},{"page":2,"text":".","rect":[500.27239990234377,372.0,503.03204003429416,367.0]},{"page":2,"text":".","rect":[500.2823486328125,384.0,503.0419887647629,379.0]},{"page":2,"text":".","rect":[500.29229736328127,395.0,503.05193749523166,391.0]},{"page":2,"text":".","rect":[500.29229736328127,409.0,503.05193749523166,403.0]},{"page":2,"text":".","rect":[500.25244140625,441.0,503.0120815382004,437.0]},{"page":2,"text":".","rect":[500.26239013671877,455.0,503.02203026866916,449.0]},{"page":2,"text":".","rect":[500.3022766113281,467.0,503.0619167432785,461.0]},{"page":2,"text":".","rect":[500.312255859375,477.0,503.0718959913254,473.0]},{"page":2,"text":".","rect":[500.312255859375,489.0,503.0718959913254,485.0]},{"page":2,"text":".","rect":[500.3022766113281,503.0,503.0619167432785,497.0]},{"page":2,"text":".","rect":[500.2923278808594,513.0,503.05196801280979,509.0]},{"page":2,"text":".","rect":[500.2823181152344,527.0,503.04195824718479,521.0]},{"page":2,"text":".","rect":[500.3022766113281,539.0,503.0619167432785,533.0]},{"page":2,"text":".","rect":[500.312255859375,549.0,503.0718959913254,545.0]},{"page":2,"text":".","rect":[500.312255859375,561.0,503.0718959913254,557.0]},{"page":2,"text":".","rect":[500.3022766113281,575.0,503.0619167432785,569.0]},{"page":2,"text":".","rect":[500.2923278808594,585.0,503.05196801280979,581.0]},{"page":2,"text":".","rect":[500.2723693847656,619.0,503.032009516716,615.0]},{"page":2,"text":".","rect":[500.2923278808594,632.0,503.05196801280979,626.0]},{"page":2,"text":".","rect":[500.25244140625,664.0,503.0120815382004,660.0]},{"page":2,"text":".","rect":[500.2922668457031,678.0,503.0519069776535,672.0]},{"page":2,"text":".","rect":[500.2723388671875,690.0,503.0319789991379,684.0]},{"page":2,"text":".","rect":[507.9933166503906,160.0,510.752956782341,154.0]},{"page":2,"text":".","rect":[507.98333740234377,172.0,510.74297753429416,166.0]},{"page":2,"text":".","rect":[508.0531311035156,185.0,510.812771235466,178.0]},{"page":2,"text":".","rect":[507.9833984375,216.0,510.7430385694504,212.0]},{"page":2,"text":".","rect":[507.98345947265627,230.0,510.74309960460666,224.0]},{"page":2,"text":".","rect":[508.00341796875,240.0,510.7630581007004,236.0]},{"page":2,"text":".","rect":[508.0033874511719,252.0,510.76302758312229,248.0]},{"page":2,"text":".","rect":[508.00335693359377,264.0,510.76299706554416,260.0]},{"page":2,"text":".","rect":[508.0033874511719,276.0,510.76302758312229,272.0]},{"page":2,"text":".","rect":[508.0133361816406,290.0,510.772976313591,283.0]},{"page":2,"text":".","rect":[508.02325439453127,302.0,510.78289452648166,296.0]},{"page":2,"text":".","rect":[508.00335693359377,312.0,510.76299706554416,308.0]},{"page":2,"text":".","rect":[508.00335693359377,325.0,510.76299706554416,320.0]},{"page":2,"text":".","rect":[508.0232849121094,336.0,510.78292504405979,331.0]},{"page":2,"text":".","rect":[508.043212890625,350.0,510.8028530225754,343.0]},{"page":2,"text":".","rect":[508.0133056640625,360.0,510.7729457960129,355.0]},{"page":2,"text":".","rect":[508.0133361816406,372.0,510.772976313591,367.0]},{"page":2,"text":".","rect":[508.0232849121094,384.0,510.78292504405979,379.0]},{"page":2,"text":".","rect":[508.0332336425781,395.0,510.7928737745285,391.0]},{"page":2,"text":".","rect":[508.0332336425781,409.0,510.7928737745285,403.0]},{"page":2,"text":".","rect":[507.9933776855469,441.0,510.75301781749729,437.0]},{"page":2,"text":".","rect":[508.0033264160156,455.0,510.762966547966,449.0]},{"page":2,"text":".","rect":[508.043212890625,467.0,510.8028530225754,461.0]},{"page":2,"text":".","rect":[508.0531921386719,477.0,510.81283227062229,473.0]},{"page":2,"text":".","rect":[508.0531921386719,489.0,510.81283227062229,485.0]},{"page":2,"text":".","rect":[508.043212890625,503.0,510.8028530225754,497.0]},{"page":2,"text":".","rect":[508.03326416015627,513.0,510.79290429210666,509.0]},{"page":2,"text":".","rect":[508.02325439453127,527.0,510.78289452648166,521.0]},{"page":2,"text":".","rect":[508.043212890625,539.0,510.8028530225754,533.0]},{"page":2,"text":".","rect":[508.0531921386719,549.0,510.81283227062229,545.0]},{"page":2,"text":".","rect":[508.0531921386719,561.0,510.81283227062229,557.0]},{"page":2,"text":".","rect":[508.043212890625,575.0,510.8028530225754,569.0]},{"page":2,"text":".","rect":[508.03326416015627,585.0,510.79290429210666,581.0]},{"page":2,"text":".","rect":[508.0133056640625,619.0,510.7729457960129,615.0]},{"page":2,"text":".","rect":[508.03326416015627,632.0,510.79290429210666,626.0]},{"page":2,"text":".","rect":[507.9933776855469,664.0,510.75301781749729,660.0]},{"page":2,"text":".","rect":[508.033203125,678.0,510.7928432569504,672.0]},{"page":2,"text":".","rect":[508.0132751464844,690.0,510.77291527843479,684.0]},{"page":2,"text":".","rect":[515.7342529296875,160.0,518.4938930616379,154.0]},{"page":2,"text":".","rect":[515.7242431640625,172.0,518.4838832960129,166.0]},{"page":2,"text":".","rect":[515.7940673828125,185.0,518.5537075147629,178.0]},{"page":2,"text":".","rect":[515.71435546875,216.0,518.4739956007004,212.0]},{"page":2,"text":".","rect":[515.724365234375,230.0,518.4840053663254,224.0]},{"page":2,"text":".","rect":[515.744384765625,240.0,518.5040248975754,236.0]},{"page":2,"text":".","rect":[515.7443237304688,252.0,518.5039638624191,248.0]},{"page":2,"text":".","rect":[515.7442626953125,264.0,518.5039028272629,260.0]},{"page":2,"text":".","rect":[515.7443237304688,276.0,518.5039638624191,272.0]},{"page":2,"text":".","rect":[515.7542724609375,290.0,518.5139125928879,283.0]},{"page":2,"text":".","rect":[515.76416015625,302.0,518.5238002882004,296.0]},{"page":2,"text":".","rect":[515.7442626953125,312.0,518.5039028272629,308.0]},{"page":2,"text":".","rect":[515.7442626953125,325.0,518.5039028272629,320.0]},{"page":2,"text":".","rect":[515.7642211914063,336.0,518.5238613233566,331.0]},{"page":2,"text":".","rect":[515.7841796875,350.0,518.5438198194504,343.0]},{"page":2,"text":".","rect":[515.7542724609375,360.0,518.5139125928879,355.0]},{"page":2,"text":".","rect":[515.7542724609375,372.0,518.5139125928879,367.0]},{"page":2,"text":".","rect":[515.7642211914063,384.0,518.5238613233566,379.0]},{"page":2,"text":".","rect":[515.774169921875,395.0,518.5338100538254,391.0]},{"page":2,"text":".","rect":[515.774169921875,409.0,518.5338100538254,403.0]},{"page":2,"text":".","rect":[515.7343139648438,441.0,518.4939540967941,437.0]},{"page":2,"text":".","rect":[515.7442626953125,455.0,518.5039028272629,449.0]},{"page":2,"text":".","rect":[515.7841796875,467.0,518.5438198194504,461.0]},{"page":2,"text":".","rect":[515.7941284179688,477.0,518.5537685499191,473.0]},{"page":2,"text":".","rect":[515.7941284179688,489.0,518.5537685499191,485.0]},{"page":2,"text":".","rect":[515.774169921875,503.0,518.5338100538254,497.0]},{"page":2,"text":".","rect":[515.774169921875,513.0,518.5338100538254,509.0]},{"page":2,"text":".","rect":[515.76416015625,527.0,518.5238002882004,521.0]},{"page":2,"text":".","rect":[515.7841796875,539.0,518.5438198194504,533.0]},{"page":2,"text":".","rect":[515.7941284179688,549.0,518.5537685499191,545.0]},{"page":2,"text":".","rect":[515.7941284179688,561.0,518.5537685499191,557.0]},{"page":2,"text":".","rect":[515.774169921875,575.0,518.5338100538254,569.0]},{"page":2,"text":".","rect":[515.774169921875,585.0,518.5338100538254,581.0]},{"page":2,"text":".","rect":[515.7542724609375,619.0,518.5139125928879,615.0]},{"page":2,"text":".","rect":[515.774169921875,632.0,518.5338100538254,626.0]},{"page":2,"text":".","rect":[515.7343139648438,664.0,518.4939540967941,660.0]},{"page":2,"text":".","rect":[515.774169921875,678.0,518.5338100538254,672.0]},{"page":2,"text":".","rect":[515.7542114257813,690.0,518.5138515577316,684.0]},{"page":2,"text":"4","rect":[534.2720336914063,103.87994384765625,540.000528550148,97.344482421875]},{"page":2,"text":"4","rect":[534.2720336914063,125.7979736328125,540.000528550148,119.26251220703125]},{"page":2,"text":"4","rect":[534.2720336914063,147.7159423828125,540.000528550148,141.18048095703126]},{"page":2,"text":"4","rect":[534.58349609375,159.67095947265626,539.5647959709168,152.92628479003907]},{"page":2,"text":"4","rect":[534.573486328125,171.6259765625,539.5547862052918,164.8813018798828]},{"page":2,"text":"4","rect":[534.6532592773438,183.58197021484376,539.6345591545105,176.83729553222657]},{"page":2,"text":"5","rect":[534.2720947265625,205.5985870361328,540.0005895853043,198.9734649658203]},{"page":2,"text":"5","rect":[534.5735473632813,217.66416931152345,539.554847240448,210.8198699951172]},{"page":2,"text":"5","rect":[534.5736083984375,229.6191864013672,539.5549082756043,222.77488708496095]},{"page":2,"text":"5","rect":[534.5936279296875,241.57420349121095,539.5749278068543,234.7299041748047]},{"page":2,"text":"5","rect":[534.5935668945313,253.5292205810547,539.574866771698,246.68492126464845]},{"page":2,"text":"5","rect":[534.593505859375,265.4842529296875,539.5748057365418,258.6399230957031]},{"page":2,"text":"5","rect":[534.5935668945313,277.43927001953127,539.574866771698,270.5949401855469]},{"page":2,"text":"5","rect":[534.603515625,289.395263671875,539.5848155021668,282.5509338378906]},{"page":2,"text":"5","rect":[534.6134033203125,301.3502502441406,539.5947031974793,294.50592041015627]},{"page":2,"text":"6","rect":[534.593505859375,313.30523681640627,539.5748057365418,306.4609069824219]},{"page":2,"text":"6","rect":[534.593505859375,325.2602233886719,539.5748057365418,318.4158935546875]},{"page":2,"text":"6","rect":[534.6134643554688,337.2152099609375,539.5947642326355,330.3708801269531]},{"page":2,"text":"10","rect":[529.652099609375,349.1701965332031,539.6147227287293,342.32586669921877]},{"page":2,"text":"11","rect":[529.6221923828125,360.9169616699219,539.5848155021668,354.2818603515625]},{"page":2,"text":"11","rect":[529.6322021484375,372.8719482421875,539.5948252677918,366.2368469238281]},{"page":2,"text":"12","rect":[529.6321411132813,384.8269348144531,539.5947642326355,378.19183349609377]},{"page":2,"text":"15","rect":[529.64208984375,396.99114990234377,539.6047129631043,390.1468200683594]},{"page":2,"text":"20","rect":[529.64208984375,408.9461364746094,539.6047129631043,402.101806640625]},{"page":2,"text":"22","rect":[528.40673828125,430.6549072265625,539.8637487649918,424.12939453125]},{"page":2,"text":"22","rect":[529.6022338867188,442.6098937988281,539.564857006073,435.97479248046877]},{"page":2,"text":"22","rect":[529.6121826171875,454.56488037109377,539.5748057365418,447.9297790527344]},{"page":2,"text":"22","rect":[529.652099609375,466.5208740234375,539.6147227287293,459.8857727050781]},{"page":2,"text":"23","rect":[529.6620483398438,478.6850891113281,539.624671459198,471.84075927734377]},{"page":2,"text":"23","rect":[529.6620483398438,490.64007568359377,539.624671459198,483.7957458496094]},{"page":2,"text":"24","rect":[529.652099609375,502.3858337402344,539.6147227287293,495.6411437988281]},{"page":2,"text":"24","rect":[529.64208984375,514.3408203125,539.6047129631043,507.59613037109377]},{"page":2,"text":"25","rect":[529.632080078125,526.5060424804688,539.5947031974793,519.6617431640625]},{"page":2,"text":"25","rect":[529.652099609375,538.4610595703125,539.6147227287293,531.6167602539063]},{"page":2,"text":"25","rect":[529.6620483398438,550.416015625,539.624671459198,543.5717163085938]},{"page":2,"text":"26","rect":[529.6620483398438,562.3710327148438,539.624671459198,555.5267333984375]},{"page":2,"text":"27","rect":[529.652099609375,574.3260498046875,539.6147227287293,567.382080078125]},{"page":2,"text":"27","rect":[529.64208984375,586.2810668945313,539.6047129631043,579.3370971679688]},{"page":2,"text":"28","rect":[528.4266967773438,608.0894165039063,539.8836462259293,601.4642944335938]},{"page":2,"text":"28","rect":[529.6221923828125,620.154052734375,539.5848155021668,613.3097534179688]},{"page":2,"text":"28","rect":[529.64208984375,632.1100463867188,539.6047129631043,625.2657470703125]},{"page":2,"text":"32","rect":[528.4465942382813,653.9174194335938,539.9035436868668,647.2922973632813]},{"page":2,"text":"32","rect":[529.6022338867188,665.9830322265625,539.564857006073,659.1387329101563]},{"page":2,"text":"33","rect":[529.64208984375,677.9380493164063,539.6047129631043,671.09375]},{"page":2,"text":"33","rect":[529.6221313476563,689.89306640625,539.5847544670105,683.0487670898438]},{"page":2,"text":"34","rect":[528.4465942382813,711.701416015625,539.9035436868668,705.0663452148438]},{"page":3,"text":"`9","rect":[72.0,82.06257629394531,77.72849485874176,75.43744659423828]},{"page":3,"text":"10","rect":[71.99996948242188,271.3528137207031,83.45695707798004,264.7276611328125]},{"page":3,"text":"11","rect":[71.99996948242188,293.1711730957031,83.45695707798004,286.6456604003906]},{"page":3,"text":"12","rect":[71.99996948242188,315.08917236328127,83.45695707798004,308.56365966796877]},{"page":3,"text":"13","rect":[71.99996948242188,444.70269775390627,83.45695707798004,438.0775451660156]},{"page":3,"text":"14","rect":[71.99996948242188,466.52105712890627,83.45695707798004,459.985595703125]},{"page":3,"text":"15","rect":[71.99996948242188,488.5386962890625,83.45695707798004,481.9135437011719]},{"page":3,"text":"16","rect":[71.99996948242188,510.4556884765625,83.45695707798004,503.8305358886719]},{"page":3,"text":"17","rect":[71.99996948242188,532.3736572265625,83.45695707798004,525.539306640625]},{"page":3,"text":"18","rect":[71.99996948242188,578.20166015625,83.45695707798004,571.5765380859375]},{"page":3,"text":"19","rect":[71.99996948242188,600.11962890625,83.45695707798004,593.4945068359375]},{"page":3,"text":"20","rect":[71.99996948242188,622.0376586914063,83.45695707798004,615.4125366210938]},{"page":3,"text":"21","rect":[71.99996948242188,667.7660522460938,83.45695707798004,661.2405395507813]},{"page":3,"text":"22","rect":[71.99996948242188,689.68408203125,83.45695707798004,683.1585693359375]},{"page":3,"text":"Confguration","rect":[86.94390106201172,83.95547485351563,155.73565524482729,74.9891357421875]},{"page":3,"text":"9.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ..","rect":[86.9439697265625,94.12718200683594,394.64876977062229,86.89433288574219]},{"page":3,"text":"9.2","rect":[86.9439697265625,107.0,99.66620588302613,99.2378921508789]},{"page":3,"text":"9.3","rect":[86.9439697265625,118.03721618652344,99.66620588302613,111.19290924072266]},{"page":3,"text":"9.4","rect":[86.9439697265625,130.0,99.66620588302613,123.03833770751953]},{"page":3,"text":"9.5","rect":[86.9439697265625,154.0,99.66620588302613,147.05894470214845]},{"page":3,"text":"9.6","rect":[86.9439697265625,166.0,99.66620588302613,159.0139617919922]},{"page":3,"text":"9.7","rect":[86.9439697265625,177.8132781982422,99.66620588302613,170.86935424804688]},{"page":3,"text":"9.8","rect":[86.9439697265625,226.0,99.66620588302613,218.79002380371095]},{"page":3,"text":"9.9","rect":[86.9439697265625,238.0,99.66620588302613,230.7450408935547]},{"page":3,"text":"9.10","rect":[86.9439697265625,250.0,104.64751386642456,242.70005798339845]},{"page":3,"text":"9.7.1 File-Based . . . . . . . . . . . . . . . . . . . . . . . . . ..","rect":[109.85797119140625,189.76829528808595,394.668728266716,182.64503479003907]},{"page":3,"text":"9.7.2 Active Directory (AD) / LDAP . . . . . . . . . . . . . ..","rect":[109.85797119140625,203.99478149414063,394.6787075147629,194.04214477539063]},{"page":3,"text":"9.7.3 Confguring LDAP Through Web Interface . . . . . . ..","rect":[109.85797119140625,215.51242065429688,394.7285122022629,206.3368682861328]},{"page":3,"text":"Confguring Messaging and Repository Settings through Web UI","rect":[109.84799194335938,227.46743774414063,391.50061228084567,218.40147399902345]},{"page":3,"text":"Optionally Disabling UI and WebTAK on HTTPS Ports . . . ..","rect":[109.84799194335938,239.42245483398438,394.6986049757004,230.2469024658203]},{"page":3,"text":"VBM Admin Confguration . . . . . . . . . . . . . . . . . . . ..","rect":[109.46940612792969,251.37747192382813,394.6886257276535,242.20191955566407]},{"page":3,"text":"WebTAK","rect":[86.9438705444336,271.3229064941406,134.07692646312715,264.2992858886719]},{"page":3,"text":"Device Profles","rect":[86.9438705444336,293.2209777832031,161.9223899641037,286.1973571777344]},{"page":3,"text":"Federation","rect":[86.9438705444336,315.13897705078127,140.0445236530304,308.1751403808594]},{"page":3,"text":"12.1 Overview . . . . . . . . . . . . . . . ..","rect":[86.9439697265625,327.2533874511719,286.2756313428879,320.0205383300781]},{"page":3,"text":"12.2 Enable Federation . . . . . . . . . . ..","rect":[86.9439697265625,339.0987854003906,286.28561059093479,332.0851135253906]},{"page":3,"text":"12.3 Upload Federate Certifcate . . . . . ..","rect":[86.9439697265625,352.8769226074219,286.28561059093479,343.9305114746094]},{"page":3,"text":"12.4 Make the Connection . . . . . . . . . ..","rect":[86.9439697265625,363.11834716796877,286.28558007335666,355.885498046875]},{"page":3,"text":"12.5 Federated Group Mapping . . . . . . ..","rect":[86.9439697265625,376.90643310546877,286.28561059093479,367.8404846191406]},{"page":3,"text":"12.6 Mission Federation Disruption Tolerance","rect":[86.9439697265625,388.7428894042969,287.02282056045535,379.90606689453127]},{"page":3,"text":"12.7 Data Package and Mission File Blocker","rect":[86.9439697265625,400.8174133300781,281.1350005273819,391.8610534667969]},{"page":3,"text":"12.8 Federation Example . . . . . . . . . ..","rect":[86.9439697265625,412.6528625488281,286.28558007335666,403.8160400390625]},{"page":3,"text":"12.8.1","rect":[109.85797119140625,423.0,135.30245161056519,416.0499572753906]},{"page":3,"text":"Alternate Confguration","rect":[141.33978271484376,424.7273864746094,245.62827240467073,415.5518493652344]},{"page":3,"text":".","rect":[252.5921173095703,423.0,255.3517574415207,417.0]},{"page":3,"text":".","rect":[260.33306884765627,423.0,263.09270897960666,417.0]},{"page":3,"text":".","rect":[268.073974609375,423.0,270.8336147413254,417.0]},{"page":3,"text":".","rect":[275.81494140625,423.0,278.5745815382004,417.0]},{"page":3,"text":".","rect":[283.55584716796877,423.0,286.31548729991916,417.0]},{"page":3,"text":"Metrics","rect":[86.9438705444336,444.6528625488281,125.01096723461152,437.7687072753906]},{"page":3,"text":".","rect":[291.2569580078125,326.0,294.0165981397629,322.0]},{"page":3,"text":".","rect":[291.26690673828127,338.0,294.02654687023166,334.0]},{"page":3,"text":".","rect":[291.26690673828127,351.0,294.02654687023166,345.0]},{"page":3,"text":".","rect":[291.26690673828127,362.0,294.02654687023166,357.0]},{"page":3,"text":".","rect":[291.26690673828127,375.0,294.02654687023166,369.0]},{"page":3,"text":".","rect":[291.2469787597656,387.0,294.006618891716,381.0]},{"page":3,"text":".","rect":[291.286865234375,399.0,294.0465053663254,393.0]},{"page":3,"text":".","rect":[291.26690673828127,411.0,294.02654687023166,405.0]},{"page":3,"text":".","rect":[291.29681396484377,423.0,294.05645409679416,417.0]},{"page":3,"text":".","rect":[298.99786376953127,326.0,301.75750390148166,322.0]},{"page":3,"text":".","rect":[299.0078430175781,338.0,301.7674831495285,334.0]},{"page":3,"text":".","rect":[299.0078430175781,351.0,301.7674831495285,345.0]},{"page":3,"text":".","rect":[299.0078125,362.0,301.7674526319504,357.0]},{"page":3,"text":".","rect":[299.0078430175781,375.0,301.7674831495285,369.0]},{"page":3,"text":".","rect":[298.9879150390625,387.0,301.7475551710129,381.0]},{"page":3,"text":".","rect":[299.02783203125,399.0,301.7874721632004,393.0]},{"page":3,"text":".","rect":[299.0078125,411.0,301.7674526319504,405.0]},{"page":3,"text":".","rect":[299.0377197265625,423.0,301.7973598585129,417.0]},{"page":3,"text":".","rect":[306.73883056640627,326.0,309.49847069835666,322.0]},{"page":3,"text":".","rect":[306.73883056640627,338.0,309.49847069835666,334.0]},{"page":3,"text":".","rect":[306.748779296875,351.0,309.5084194288254,345.0]},{"page":3,"text":".","rect":[306.748779296875,362.0,309.5084194288254,357.0]},{"page":3,"text":".","rect":[306.748779296875,375.0,309.5084194288254,369.0]},{"page":3,"text":".","rect":[306.7288513183594,387.0,309.48849145030979,381.0]},{"page":3,"text":".","rect":[306.76873779296877,399.0,309.52837792491916,393.0]},{"page":3,"text":".","rect":[306.748779296875,411.0,309.5084194288254,405.0]},{"page":3,"text":".","rect":[306.7786865234375,423.0,309.5383266553879,417.0]},{"page":3,"text":".","rect":[314.479736328125,326.0,317.2393764600754,322.0]},{"page":3,"text":".","rect":[314.4797668457031,338.0,317.2394069776535,334.0]},{"page":3,"text":".","rect":[314.4897155761719,351.0,317.24935570812229,345.0]},{"page":3,"text":".","rect":[314.48968505859377,362.0,317.24932519054416,357.0]},{"page":3,"text":".","rect":[314.4897155761719,375.0,317.24935570812229,369.0]},{"page":3,"text":".","rect":[314.46978759765627,387.0,317.22942772960666,381.0]},{"page":3,"text":".","rect":[314.50970458984377,399.0,317.26934472179416,393.0]},{"page":3,"text":".","rect":[314.48968505859377,411.0,317.24932519054416,405.0]},{"page":3,"text":".","rect":[314.51959228515627,423.0,317.27923241710666,417.0]},{"page":3,"text":".","rect":[322.220703125,326.0,324.9803432569504,322.0]},{"page":3,"text":".","rect":[322.220703125,338.0,324.9803432569504,334.0]},{"page":3,"text":".","rect":[322.23065185546877,351.0,324.99029198741916,345.0]},{"page":3,"text":".","rect":[322.23065185546877,362.0,324.99029198741916,357.0]},{"page":3,"text":".","rect":[322.23065185546877,375.0,324.99029198741916,369.0]},{"page":3,"text":".","rect":[322.2107238769531,387.0,324.9703640089035,381.0]},{"page":3,"text":".","rect":[322.2506103515625,399.0,325.0102504835129,393.0]},{"page":3,"text":".","rect":[322.23065185546877,411.0,324.99029198741916,405.0]},{"page":3,"text":".","rect":[322.26055908203127,423.0,325.02019921398166,417.0]},{"page":3,"text":".","rect":[329.96160888671877,326.0,332.72124901866916,322.0]},{"page":3,"text":".","rect":[329.9616394042969,338.0,332.72127953624729,334.0]},{"page":3,"text":".","rect":[329.9715881347656,351.0,332.731228266716,345.0]},{"page":3,"text":".","rect":[329.9715576171875,362.0,332.7311977491379,357.0]},{"page":3,"text":".","rect":[329.9715881347656,375.0,332.731228266716,369.0]},{"page":3,"text":".","rect":[329.95166015625,387.0,332.7113002882004,381.0]},{"page":3,"text":".","rect":[329.9915771484375,399.0,332.7512172803879,393.0]},{"page":3,"text":".","rect":[329.9715576171875,411.0,332.7311977491379,405.0]},{"page":3,"text":".","rect":[330.00146484375,423.0,332.7611049757004,417.0]},{"page":3,"text":".","rect":[337.70257568359377,326.0,340.46221581554416,322.0]},{"page":3,"text":".","rect":[337.70257568359377,338.0,340.46221581554416,334.0]},{"page":3,"text":".","rect":[337.7125244140625,351.0,340.4721645460129,345.0]},{"page":3,"text":".","rect":[337.7125244140625,362.0,340.4721645460129,357.0]},{"page":3,"text":".","rect":[337.7125244140625,375.0,340.4721645460129,369.0]},{"page":3,"text":".","rect":[337.6925964355469,387.0,340.45223656749729,381.0]},{"page":3,"text":".","rect":[337.73248291015627,399.0,340.49212304210666,393.0]},{"page":3,"text":".","rect":[337.7125244140625,411.0,340.4721645460129,405.0]},{"page":3,"text":".","rect":[337.742431640625,423.0,340.5020717725754,417.0]},{"page":3,"text":".","rect":[345.4435119628906,326.0,348.203152094841,322.0]},{"page":3,"text":".","rect":[345.4435119628906,338.0,348.203152094841,334.0]},{"page":3,"text":".","rect":[345.4534606933594,351.0,348.21310082530979,345.0]},{"page":3,"text":".","rect":[345.4534606933594,362.0,348.21310082530979,357.0]},{"page":3,"text":".","rect":[345.4534606933594,375.0,348.21310082530979,369.0]},{"page":3,"text":".","rect":[345.43353271484377,387.0,348.19317284679416,381.0]},{"page":3,"text":".","rect":[345.47344970703127,399.0,348.23308983898166,393.0]},{"page":3,"text":".","rect":[345.4534606933594,411.0,348.21310082530979,405.0]},{"page":3,"text":".","rect":[345.48333740234377,423.0,348.24297753429416,417.0]},{"page":3,"text":".","rect":[353.1844482421875,326.0,355.9440883741379,322.0]},{"page":3,"text":".","rect":[353.1844482421875,338.0,355.9440883741379,334.0]},{"page":3,"text":".","rect":[353.19439697265627,351.0,355.95403710460666,345.0]},{"page":3,"text":".","rect":[353.19439697265627,362.0,355.95403710460666,357.0]},{"page":3,"text":".","rect":[353.19439697265627,375.0,355.95403710460666,369.0]},{"page":3,"text":".","rect":[353.1744689941406,387.0,355.934109126091,381.0]},{"page":3,"text":".","rect":[353.2143859863281,399.0,355.9740261182785,393.0]},{"page":3,"text":".","rect":[353.19439697265627,411.0,355.95403710460666,405.0]},{"page":3,"text":".","rect":[353.22430419921877,423.0,355.98394433116916,417.0]},{"page":3,"text":".","rect":[360.9253845214844,326.0,363.68502465343479,322.0]},{"page":3,"text":".","rect":[360.9253845214844,338.0,363.68502465343479,334.0]},{"page":3,"text":".","rect":[360.9353332519531,351.0,363.6949733839035,345.0]},{"page":3,"text":".","rect":[360.9353332519531,362.0,363.6949733839035,357.0]},{"page":3,"text":".","rect":[360.9353332519531,375.0,363.6949733839035,369.0]},{"page":3,"text":".","rect":[360.9154052734375,387.0,363.6750454053879,381.0]},{"page":3,"text":".","rect":[360.955322265625,399.0,363.7149623975754,393.0]},{"page":3,"text":".","rect":[360.9353332519531,411.0,363.6949733839035,405.0]},{"page":3,"text":".","rect":[360.9652099609375,423.0,363.7248500928879,417.0]},{"page":3,"text":".","rect":[368.66632080078127,326.0,371.42596093273166,322.0]},{"page":3,"text":".","rect":[368.66632080078127,338.0,371.42596093273166,334.0]},{"page":3,"text":".","rect":[368.67626953125,351.0,371.4359096632004,345.0]},{"page":3,"text":".","rect":[368.67626953125,362.0,371.4359096632004,357.0]},{"page":3,"text":".","rect":[368.67626953125,375.0,371.4359096632004,369.0]},{"page":3,"text":".","rect":[368.6563415527344,387.0,371.41598168468479,381.0]},{"page":3,"text":".","rect":[368.6962585449219,399.0,371.45589867687229,393.0]},{"page":3,"text":".","rect":[368.67626953125,411.0,371.4359096632004,405.0]},{"page":3,"text":".","rect":[368.7061767578125,423.0,371.4658168897629,417.0]},{"page":3,"text":".","rect":[376.4072570800781,326.0,379.1668972120285,322.0]},{"page":3,"text":".","rect":[376.4072570800781,338.0,379.1668972120285,334.0]},{"page":3,"text":".","rect":[376.4172058105469,351.0,379.17684594249729,345.0]},{"page":3,"text":".","rect":[376.4172058105469,362.0,379.17684594249729,357.0]},{"page":3,"text":".","rect":[376.4172058105469,375.0,379.17684594249729,369.0]},{"page":3,"text":".","rect":[376.39727783203127,387.0,379.15691796398166,381.0]},{"page":3,"text":".","rect":[376.42724609375,399.0,379.1868862257004,393.0]},{"page":3,"text":".","rect":[376.4072570800781,411.0,379.1668972120285,405.0]},{"page":3,"text":".","rect":[376.4471130371094,423.0,379.20675316905979,417.0]},{"page":3,"text":".","rect":[384.148193359375,326.0,386.9078334913254,322.0]},{"page":3,"text":".","rect":[384.148193359375,338.0,386.9078334913254,334.0]},{"page":3,"text":".","rect":[384.15814208984377,351.0,386.91778222179416,345.0]},{"page":3,"text":".","rect":[384.15814208984377,362.0,386.91778222179416,357.0]},{"page":3,"text":".","rect":[384.15814208984377,375.0,386.91778222179416,369.0]},{"page":3,"text":".","rect":[384.1382141113281,387.0,386.8978542432785,381.0]},{"page":3,"text":".","rect":[384.1681823730469,399.0,386.92782250499729,393.0]},{"page":3,"text":".","rect":[384.148193359375,411.0,386.9078334913254,405.0]},{"page":3,"text":".","rect":[384.18804931640627,423.0,386.94768944835666,417.0]},{"page":3,"text":".","rect":[391.8891296386719,326.0,394.64876977062229,322.0]},{"page":3,"text":".","rect":[391.8891296386719,338.0,394.64876977062229,334.0]},{"page":3,"text":".","rect":[391.8990783691406,351.0,394.658718501091,345.0]},{"page":3,"text":".","rect":[391.8990783691406,362.0,394.658718501091,357.0]},{"page":3,"text":".","rect":[391.8990783691406,375.0,394.658718501091,369.0]},{"page":3,"text":".","rect":[391.879150390625,387.0,394.6387905225754,381.0]},{"page":3,"text":".","rect":[391.90911865234377,399.0,394.66875878429416,393.0]},{"page":3,"text":".","rect":[391.8891296386719,411.0,394.64876977062229,405.0]},{"page":3,"text":".","rect":[391.9289855957031,423.0,394.6886257276535,417.0]},{"page":3,"text":"Logging","rect":[86.9438705444336,468.5135803222656,126.27621672153473,459.68670654296877]},{"page":3,"text":"Group Filtering for Multicast Networks","rect":[86.9438705444336,490.43157958984377,286.51464460277557,481.4652404785156]},{"page":3,"text":"OAuth2 Authentication","rect":[86.9438705444336,510.4556884765625,205.07043307685854,503.40216064453127]},{"page":3,"text":"User Management UI","rect":[86.9438705444336,534.2665405273438,195.64578699874878,525.439697265625]},{"page":3,"text":"17.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ..","rect":[86.9439697265625,544.4382934570313,394.64876977062229,537.2054443359375]},{"page":3,"text":"17.2 Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ..","rect":[86.9439697265625,558.2274169921875,394.6686977491379,549.380615234375]},{"page":3,"text":"Data Retention Tool","rect":[86.9438705444336,578.20166015625,190.21618577671053,571.18798828125]},{"page":3,"text":"Appendix A: Acronyms and Abbreviations","rect":[86.9438705444336,602.0025634765625,301.57812116527557,593.0661010742188]},{"page":3,"text":"Appendix B: Certifcate Generation","rect":[86.9438705444336,623.86083984375,267.04775851631168,614.9642333984375]},{"page":3,"text":"20.1 Confgure TAK Server Certifcate ..","rect":[86.9439697265625,635.9354248046875,270.8137172803879,626.7598266601563]},{"page":3,"text":"20.2 Installing Client Certifcates . . . ..","rect":[86.9439697265625,647.890380859375,270.77386132335666,638.8244018554688]},{"page":3,"text":".","rect":[275.79498291015627,634.0,278.55462304210666,628.0]},{"page":3,"text":".","rect":[275.7551574707031,646.0,278.5147976026535,640.0]},{"page":3,"text":".","rect":[283.53594970703127,634.0,286.29558983898166,628.0]},{"page":3,"text":".","rect":[283.49609375,646.0,286.2557338819504,640.0]},{"page":3,"text":".","rect":[291.27685546875,634.0,294.0364956007004,628.0]},{"page":3,"text":".","rect":[291.2370300292969,646.0,293.99667016124729,640.0]},{"page":3,"text":".","rect":[299.017822265625,634.0,301.7774623975754,628.0]},{"page":3,"text":".","rect":[298.97796630859377,646.0,301.73760644054416,640.0]},{"page":3,"text":".","rect":[306.75872802734377,634.0,309.51836815929416,628.0]},{"page":3,"text":".","rect":[306.7189025878906,646.0,309.478542719841,640.0]},{"page":3,"text":".","rect":[314.49969482421877,634.0,317.25933495616916,628.0]},{"page":3,"text":".","rect":[314.4598388671875,646.0,317.2194789991379,640.0]},{"page":3,"text":"Appendix C: Certifcate Signing","rect":[86.9438705444336,669.758544921875,248.1885626077652,660.792236328125]},{"page":3,"text":"Appendix D: PostgreSQL TLS Confguration","rect":[86.9438705444336,691.6765747070313,312.7860702838898,682.7102661132813]},{"page":3,"text":"22.1 Confgure PostgreSQL server to use TLS . . ..","rect":[86.9439697265625,703.681396484375,317.27926293468479,694.6154174804688]},{"page":3,"text":"22.2 Generate Client keys and certifcates . . . . ..","rect":[86.9439697265625,715.6264038085938,317.22945824718479,706.5704345703125]},{"page":3,"text":".","rect":[322.2406005859375,634.0,325.0002407178879,628.0]},{"page":3,"text":".","rect":[322.2007751464844,646.0,324.96041527843479,640.0]},{"page":3,"text":".","rect":[322.26055908203127,702.0,325.02019921398166,696.0]},{"page":3,"text":".","rect":[322.21075439453127,714.0,324.97039452648166,708.0]},{"page":3,"text":".","rect":[329.9815673828125,634.0,332.7412075147629,628.0]},{"page":3,"text":".","rect":[329.94171142578127,646.0,332.70135155773166,640.0]},{"page":3,"text":".","rect":[330.0014953613281,702.0,332.7611354932785,696.0]},{"page":3,"text":".","rect":[329.9417419433594,714.0,332.70138207530979,708.0]},{"page":3,"text":".","rect":[337.72247314453127,634.0,340.48211327648166,628.0]},{"page":3,"text":".","rect":[337.6826477050781,646.0,340.4422878370285,640.0]},{"page":3,"text":".","rect":[337.742431640625,702.0,340.5020717725754,696.0]},{"page":3,"text":".","rect":[337.68267822265627,714.0,340.44231835460666,708.0]},{"page":3,"text":".","rect":[345.46343994140627,634.0,348.22308007335666,628.0]},{"page":3,"text":".","rect":[345.423583984375,646.0,348.1832241163254,640.0]},{"page":3,"text":".","rect":[345.4833679199219,702.0,348.24300805187229,696.0]},{"page":3,"text":".","rect":[345.4236145019531,714.0,348.1832546339035,708.0]},{"page":3,"text":".","rect":[353.2043762207031,634.0,355.9640163526535,628.0]},{"page":3,"text":".","rect":[353.1645202636719,646.0,355.92416039562229,640.0]},{"page":3,"text":".","rect":[353.22430419921877,702.0,355.98394433116916,696.0]},{"page":3,"text":".","rect":[353.16455078125,714.0,355.9241909132004,708.0]},{"page":3,"text":".","rect":[360.9453125,634.0,363.7049526319504,628.0]},{"page":3,"text":".","rect":[360.90545654296877,646.0,363.66509667491916,640.0]},{"page":3,"text":".","rect":[360.9652404785156,702.0,363.724880610466,696.0]},{"page":3,"text":".","rect":[360.9054870605469,714.0,363.66512719249729,708.0]},{"page":3,"text":".","rect":[368.6862487792969,634.0,371.44588891124729,628.0]},{"page":3,"text":".","rect":[368.6463928222656,646.0,371.406032954216,640.0]},{"page":3,"text":".","rect":[368.7061767578125,702.0,371.4658168897629,696.0]},{"page":3,"text":".","rect":[368.64642333984377,714.0,371.40606347179416,708.0]},{"page":3,"text":".","rect":[376.417236328125,634.0,379.1768764600754,628.0]},{"page":3,"text":".","rect":[376.3873291015625,646.0,379.1469692335129,640.0]},{"page":3,"text":".","rect":[376.4371643066406,702.0,379.196804438591,696.0]},{"page":3,"text":".","rect":[376.3873596191406,714.0,379.146999751091,708.0]},{"page":3,"text":".","rect":[384.1581726074219,634.0,386.91781273937229,628.0]},{"page":3,"text":".","rect":[384.1282653808594,646.0,386.88790551280979,640.0]},{"page":3,"text":".","rect":[384.1781005859375,702.0,386.9377407178879,696.0]},{"page":3,"text":".","rect":[384.1282958984375,714.0,386.8879360303879,708.0]},{"page":3,"text":".","rect":[391.89910888671877,634.0,394.65874901866916,628.0]},{"page":3,"text":".","rect":[391.86920166015627,646.0,394.62884179210666,640.0]},{"page":3,"text":".","rect":[391.9190368652344,702.0,394.67867699718479,696.0]},{"page":3,"text":".","rect":[391.8692321777344,714.0,394.62887230968479,708.0]},{"page":3,"text":"2","rect":[303.50897216796877,749.8880615234375,308.4902720451355,743.2529907226563]},{"page":3,"text":".","rect":[399.6201171875,93.0,402.3797573194504,88.0]},{"page":3,"text":".","rect":[399.65997314453127,107.0,402.41961327648166,100.0]},{"page":3,"text":".","rect":[399.6101379394531,118.0,402.3697780714035,112.0]},{"page":3,"text":".","rect":[399.6400146484375,130.0,402.3996547803879,124.0]},{"page":3,"text":".","rect":[399.6799011230469,142.0,402.43954125499729,136.0]},{"page":3,"text":".","rect":[399.6600036621094,154.0,402.41964379405979,148.0]},{"page":3,"text":".","rect":[399.630126953125,166.0,402.3897670850754,160.0]},{"page":3,"text":".","rect":[399.6200866699219,176.0,402.37972680187229,172.0]},{"page":3,"text":".","rect":[399.6500244140625,188.0,402.4096645460129,184.0]},{"page":3,"text":".","rect":[399.6600036621094,202.0,402.41964379405979,196.0]},{"page":3,"text":".","rect":[399.7098083496094,214.0,402.46944848155979,208.0]},{"page":3,"text":".","rect":[399.6799011230469,226.0,402.43954125499729,220.0]},{"page":3,"text":".","rect":[399.6799011230469,238.0,402.43954125499729,232.0]},{"page":3,"text":".","rect":[399.669921875,250.0,402.4295620069504,244.0]},{"page":3,"text":".","rect":[399.6201171875,326.0,402.3797573194504,322.0]},{"page":3,"text":".","rect":[399.63006591796877,338.0,402.38970604991916,334.0]},{"page":3,"text":".","rect":[399.63006591796877,351.0,402.38970604991916,345.0]},{"page":3,"text":".","rect":[399.6400146484375,362.0,402.3996547803879,357.0]},{"page":3,"text":".","rect":[399.6400146484375,375.0,402.3996547803879,369.0]},{"page":3,"text":".","rect":[399.6200866699219,387.0,402.37972680187229,381.0]},{"page":3,"text":".","rect":[399.6500549316406,399.0,402.409695063591,393.0]},{"page":3,"text":".","rect":[399.63006591796877,411.0,402.38970604991916,405.0]},{"page":3,"text":".","rect":[399.65997314453127,423.0,402.41961327648166,417.0]},{"page":3,"text":".","rect":[399.6201171875,543.0,402.3797573194504,539.0]},{"page":3,"text":".","rect":[399.6499938964844,557.0,402.40963402843479,551.0]},{"page":3,"text":".","rect":[399.6400451660156,634.0,402.399685297966,628.0]},{"page":3,"text":".","rect":[399.6101379394531,646.0,402.3697780714035,640.0]},{"page":3,"text":".","rect":[399.65997314453127,702.0,402.41961327648166,696.0]},{"page":3,"text":".","rect":[399.61016845703127,714.0,402.36980858898166,708.0]},{"page":3,"text":".","rect":[407.3610534667969,93.0,410.12069359874729,88.0]},{"page":3,"text":".","rect":[407.4009094238281,107.0,410.1605495557785,100.0]},{"page":3,"text":".","rect":[407.35107421875,118.0,410.1107143507004,112.0]},{"page":3,"text":".","rect":[407.3809509277344,130.0,410.14059105968479,124.0]},{"page":3,"text":".","rect":[407.42083740234377,142.0,410.18047753429416,136.0]},{"page":3,"text":".","rect":[407.40093994140627,154.0,410.16058007335666,148.0]},{"page":3,"text":".","rect":[407.3710632324219,166.0,410.13070336437229,160.0]},{"page":3,"text":".","rect":[407.36102294921877,176.0,410.12066308116916,172.0]},{"page":3,"text":".","rect":[407.3909606933594,188.0,410.15060082530979,184.0]},{"page":3,"text":".","rect":[407.40093994140627,202.0,410.16058007335666,196.0]},{"page":3,"text":".","rect":[407.45074462890627,214.0,410.21038476085666,208.0]},{"page":3,"text":".","rect":[407.42083740234377,226.0,410.18047753429416,220.0]},{"page":3,"text":".","rect":[407.42083740234377,238.0,410.18047753429416,232.0]},{"page":3,"text":".","rect":[407.4108581542969,250.0,410.17049828624729,244.0]},{"page":3,"text":".","rect":[407.3610534667969,326.0,410.12069359874729,322.0]},{"page":3,"text":".","rect":[407.3710021972656,338.0,410.130642329216,334.0]},{"page":3,"text":".","rect":[407.3710021972656,351.0,410.130642329216,345.0]},{"page":3,"text":".","rect":[407.3809509277344,362.0,410.14059105968479,357.0]},{"page":3,"text":".","rect":[407.3809509277344,375.0,410.14059105968479,369.0]},{"page":3,"text":".","rect":[407.36102294921877,387.0,410.12066308116916,381.0]},{"page":3,"text":".","rect":[407.3909912109375,399.0,410.1506313428879,393.0]},{"page":3,"text":".","rect":[407.3710021972656,411.0,410.130642329216,405.0]},{"page":3,"text":".","rect":[407.4009094238281,423.0,410.1605495557785,417.0]},{"page":3,"text":".","rect":[407.3610534667969,543.0,410.12069359874729,539.0]},{"page":3,"text":".","rect":[407.39093017578127,557.0,410.15057030773166,551.0]},{"page":3,"text":".","rect":[407.3809814453125,634.0,410.1406215772629,628.0]},{"page":3,"text":".","rect":[407.35107421875,646.0,410.1107143507004,640.0]},{"page":3,"text":".","rect":[407.4009094238281,702.0,410.1605495557785,696.0]},{"page":3,"text":".","rect":[407.3511047363281,714.0,410.1107448682785,708.0]},{"page":3,"text":".","rect":[415.10198974609377,93.0,417.86162987804416,88.0]},{"page":3,"text":".","rect":[415.141845703125,107.0,417.9014858350754,100.0]},{"page":3,"text":".","rect":[415.0920104980469,118.0,417.85165062999729,112.0]},{"page":3,"text":".","rect":[415.12188720703127,130.0,417.88152733898166,124.0]},{"page":3,"text":".","rect":[415.1617736816406,142.0,417.921413813591,136.0]},{"page":3,"text":".","rect":[415.1418762207031,154.0,417.9015163526535,148.0]},{"page":3,"text":".","rect":[415.11199951171877,166.0,417.87163964366916,160.0]},{"page":3,"text":".","rect":[415.1019592285156,176.0,417.861599360466,172.0]},{"page":3,"text":".","rect":[415.13189697265627,188.0,417.89153710460666,184.0]},{"page":3,"text":".","rect":[415.1418762207031,202.0,417.9015163526535,196.0]},{"page":3,"text":".","rect":[415.1916809082031,214.0,417.9513210401535,208.0]},{"page":3,"text":".","rect":[415.1617736816406,226.0,417.921413813591,220.0]},{"page":3,"text":".","rect":[415.1617736816406,238.0,417.921413813591,232.0]},{"page":3,"text":".","rect":[415.15179443359377,250.0,417.91143456554416,244.0]},{"page":3,"text":".","rect":[415.10198974609377,326.0,417.86162987804416,322.0]},{"page":3,"text":".","rect":[415.1119384765625,338.0,417.8715786085129,334.0]},{"page":3,"text":".","rect":[415.1119384765625,351.0,417.8715786085129,345.0]},{"page":3,"text":".","rect":[415.12188720703127,362.0,417.88152733898166,357.0]},{"page":3,"text":".","rect":[415.12188720703127,375.0,417.88152733898166,369.0]},{"page":3,"text":".","rect":[415.1019592285156,387.0,417.861599360466,381.0]},{"page":3,"text":".","rect":[415.1319274902344,399.0,417.89156762218479,393.0]},{"page":3,"text":".","rect":[415.1119384765625,411.0,417.8715786085129,405.0]},{"page":3,"text":".","rect":[415.141845703125,423.0,417.9014858350754,417.0]},{"page":3,"text":".","rect":[415.10198974609377,543.0,417.86162987804416,539.0]},{"page":3,"text":".","rect":[415.1318664550781,557.0,417.8915065870285,551.0]},{"page":3,"text":".","rect":[415.1219177246094,634.0,417.88155785655979,628.0]},{"page":3,"text":".","rect":[415.0920104980469,646.0,417.85165062999729,640.0]},{"page":3,"text":".","rect":[415.141845703125,702.0,417.9014858350754,696.0]},{"page":3,"text":".","rect":[415.092041015625,714.0,417.8516811475754,708.0]},{"page":3,"text":".","rect":[422.8429260253906,93.0,425.602566157341,88.0]},{"page":3,"text":".","rect":[422.8827819824219,107.0,425.64242211437229,100.0]},{"page":3,"text":".","rect":[422.83294677734377,118.0,425.59258690929416,112.0]},{"page":3,"text":".","rect":[422.8628234863281,130.0,425.6224636182785,124.0]},{"page":3,"text":".","rect":[422.9027099609375,142.0,425.6623500928879,136.0]},{"page":3,"text":".","rect":[422.8828125,154.0,425.6424526319504,148.0]},{"page":3,"text":".","rect":[422.8529357910156,166.0,425.612575922966,160.0]},{"page":3,"text":".","rect":[422.8428955078125,176.0,425.6025356397629,172.0]},{"page":3,"text":".","rect":[422.8728332519531,188.0,425.6324733839035,184.0]},{"page":3,"text":".","rect":[422.8828125,202.0,425.6424526319504,196.0]},{"page":3,"text":".","rect":[422.92266845703127,214.0,425.68230858898166,208.0]},{"page":3,"text":".","rect":[422.9027099609375,226.0,425.6623500928879,220.0]},{"page":3,"text":".","rect":[422.9027099609375,238.0,425.6623500928879,232.0]},{"page":3,"text":".","rect":[422.8927307128906,250.0,425.652370844841,244.0]},{"page":3,"text":".","rect":[422.8429260253906,326.0,425.602566157341,322.0]},{"page":3,"text":".","rect":[422.8528747558594,338.0,425.61251488780979,334.0]},{"page":3,"text":".","rect":[422.8528747558594,351.0,425.61251488780979,345.0]},{"page":3,"text":".","rect":[422.8628234863281,362.0,425.6224636182785,357.0]},{"page":3,"text":".","rect":[422.8628234863281,375.0,425.6224636182785,369.0]},{"page":3,"text":".","rect":[422.8428955078125,387.0,425.6025356397629,381.0]},{"page":3,"text":".","rect":[422.87286376953127,399.0,425.63250390148166,393.0]},{"page":3,"text":".","rect":[422.8528747558594,411.0,425.61251488780979,405.0]},{"page":3,"text":".","rect":[422.8827819824219,423.0,425.64242211437229,417.0]},{"page":3,"text":".","rect":[422.8429260253906,543.0,425.602566157341,539.0]},{"page":3,"text":".","rect":[422.872802734375,557.0,425.6324428663254,551.0]},{"page":3,"text":".","rect":[422.86285400390627,634.0,425.62249413585666,628.0]},{"page":3,"text":".","rect":[422.822998046875,646.0,425.5826381788254,640.0]},{"page":3,"text":".","rect":[422.8827819824219,702.0,425.64242211437229,696.0]},{"page":3,"text":".","rect":[422.8329772949219,714.0,425.59261742687229,708.0]},{"page":3,"text":".","rect":[430.5838623046875,93.0,433.3435024366379,88.0]},{"page":3,"text":".","rect":[430.62371826171877,107.0,433.38335839366916,100.0]},{"page":3,"text":".","rect":[430.5738830566406,118.0,433.333523188591,112.0]},{"page":3,"text":".","rect":[430.603759765625,130.0,433.3633998975754,124.0]},{"page":3,"text":".","rect":[430.6436462402344,142.0,433.40328637218479,136.0]},{"page":3,"text":".","rect":[430.6237487792969,154.0,433.38338891124729,148.0]},{"page":3,"text":".","rect":[430.5938720703125,166.0,433.3535122022629,160.0]},{"page":3,"text":".","rect":[430.5838317871094,176.0,433.34347191905979,172.0]},{"page":3,"text":".","rect":[430.61376953125,188.0,433.3734096632004,184.0]},{"page":3,"text":".","rect":[430.6237487792969,202.0,433.38338891124729,196.0]},{"page":3,"text":".","rect":[430.6636047363281,214.0,433.4232448682785,208.0]},{"page":3,"text":".","rect":[430.6436462402344,226.0,433.40328637218479,220.0]},{"page":3,"text":".","rect":[430.6436462402344,238.0,433.40328637218479,232.0]},{"page":3,"text":".","rect":[430.6336669921875,250.0,433.3933071241379,244.0]},{"page":3,"text":".","rect":[430.5838623046875,326.0,433.3435024366379,322.0]},{"page":3,"text":".","rect":[430.59381103515627,338.0,433.35345116710666,334.0]},{"page":3,"text":".","rect":[430.59381103515627,351.0,433.35345116710666,345.0]},{"page":3,"text":".","rect":[430.603759765625,362.0,433.3633998975754,357.0]},{"page":3,"text":".","rect":[430.603759765625,375.0,433.3633998975754,369.0]},{"page":3,"text":".","rect":[430.5838317871094,387.0,433.34347191905979,381.0]},{"page":3,"text":".","rect":[430.6138000488281,399.0,433.3734401807785,393.0]},{"page":3,"text":".","rect":[430.59381103515627,411.0,433.35345116710666,405.0]},{"page":3,"text":".","rect":[430.62371826171877,423.0,433.38335839366916,417.0]},{"page":3,"text":".","rect":[430.5838623046875,543.0,433.3435024366379,539.0]},{"page":3,"text":".","rect":[430.6137390136719,557.0,433.37337914562229,551.0]},{"page":3,"text":".","rect":[430.6037902832031,634.0,433.3634304151535,628.0]},{"page":3,"text":".","rect":[430.5639343261719,646.0,433.32357445812229,640.0]},{"page":3,"text":".","rect":[430.62371826171877,702.0,433.38335839366916,696.0]},{"page":3,"text":".","rect":[430.57391357421877,714.0,433.33355370616916,708.0]},{"page":3,"text":".","rect":[438.3247985839844,93.0,441.08443871593479,88.0]},{"page":3,"text":".","rect":[438.3646545410156,107.0,441.124294672966,100.0]},{"page":3,"text":".","rect":[438.3148193359375,118.0,441.0744594678879,112.0]},{"page":3,"text":".","rect":[438.3446960449219,130.0,441.10433617687229,124.0]},{"page":3,"text":".","rect":[438.38458251953127,142.0,441.14422265148166,136.0]},{"page":3,"text":".","rect":[438.36468505859377,154.0,441.12432519054416,148.0]},{"page":3,"text":".","rect":[438.3348083496094,166.0,441.09444848155979,160.0]},{"page":3,"text":".","rect":[438.32476806640627,176.0,441.08440819835666,172.0]},{"page":3,"text":".","rect":[438.3547058105469,188.0,441.11434594249729,184.0]},{"page":3,"text":".","rect":[438.36468505859377,202.0,441.12432519054416,196.0]},{"page":3,"text":".","rect":[438.404541015625,214.0,441.1641811475754,208.0]},{"page":3,"text":".","rect":[438.38458251953127,226.0,441.14422265148166,220.0]},{"page":3,"text":".","rect":[438.38458251953127,238.0,441.14422265148166,232.0]},{"page":3,"text":".","rect":[438.3746032714844,250.0,441.13424340343479,244.0]},{"page":3,"text":".","rect":[438.3247985839844,326.0,441.08443871593479,322.0]},{"page":3,"text":".","rect":[438.3347473144531,338.0,441.0943874464035,334.0]},{"page":3,"text":".","rect":[438.3347473144531,351.0,441.0943874464035,345.0]},{"page":3,"text":".","rect":[438.3446960449219,362.0,441.10433617687229,357.0]},{"page":3,"text":".","rect":[438.3446960449219,375.0,441.10433617687229,369.0]},{"page":3,"text":".","rect":[438.32476806640627,387.0,441.08440819835666,381.0]},{"page":3,"text":".","rect":[438.354736328125,399.0,441.1143764600754,393.0]},{"page":3,"text":".","rect":[438.3347473144531,411.0,441.0943874464035,405.0]},{"page":3,"text":".","rect":[438.3646545410156,423.0,441.124294672966,417.0]},{"page":3,"text":".","rect":[438.3247985839844,543.0,441.08443871593479,539.0]},{"page":3,"text":".","rect":[438.35467529296877,557.0,441.11431542491916,551.0]},{"page":3,"text":".","rect":[438.3447265625,634.0,441.1043666944504,628.0]},{"page":3,"text":".","rect":[438.30487060546877,646.0,441.06451073741916,640.0]},{"page":3,"text":".","rect":[438.3646545410156,702.0,441.124294672966,696.0]},{"page":3,"text":".","rect":[438.3148498535156,714.0,441.074489985466,708.0]},{"page":3,"text":".","rect":[446.06573486328127,93.0,448.82537499523166,88.0]},{"page":3,"text":".","rect":[446.1055908203125,107.0,448.8652309522629,100.0]},{"page":3,"text":".","rect":[446.0557556152344,118.0,448.81539574718479,112.0]},{"page":3,"text":".","rect":[446.08563232421877,130.0,448.84527245616916,124.0]},{"page":3,"text":".","rect":[446.1255187988281,142.0,448.8851589307785,136.0]},{"page":3,"text":".","rect":[446.1056213378906,154.0,448.865261469841,148.0]},{"page":3,"text":".","rect":[446.07574462890627,166.0,448.83538476085666,160.0]},{"page":3,"text":".","rect":[446.0657043457031,176.0,448.8253444776535,172.0]},{"page":3,"text":".","rect":[446.09564208984377,188.0,448.85528222179416,184.0]},{"page":3,"text":".","rect":[446.1056213378906,202.0,448.865261469841,196.0]},{"page":3,"text":".","rect":[446.1454772949219,214.0,448.90511742687229,208.0]},{"page":3,"text":".","rect":[446.1255187988281,226.0,448.8851589307785,220.0]},{"page":3,"text":".","rect":[446.1255187988281,238.0,448.8851589307785,232.0]},{"page":3,"text":".","rect":[446.11553955078127,250.0,448.87517968273166,244.0]},{"page":3,"text":".","rect":[446.06573486328127,326.0,448.82537499523166,322.0]},{"page":3,"text":".","rect":[446.07568359375,338.0,448.8353237257004,334.0]},{"page":3,"text":".","rect":[446.07568359375,351.0,448.8353237257004,345.0]},{"page":3,"text":".","rect":[446.07568359375,362.0,448.8353237257004,357.0]},{"page":3,"text":".","rect":[446.08563232421877,375.0,448.84527245616916,369.0]},{"page":3,"text":".","rect":[446.0557556152344,387.0,448.81539574718479,381.0]},{"page":3,"text":".","rect":[446.0956726074219,399.0,448.85531273937229,393.0]},{"page":3,"text":".","rect":[446.07568359375,411.0,448.8353237257004,405.0]},{"page":3,"text":".","rect":[446.1055908203125,423.0,448.8652309522629,417.0]},{"page":3,"text":".","rect":[446.06573486328127,543.0,448.82537499523166,539.0]},{"page":3,"text":".","rect":[446.0956115722656,557.0,448.855251704216,551.0]},{"page":3,"text":".","rect":[446.0856628417969,634.0,448.84530297374729,628.0]},{"page":3,"text":".","rect":[446.0458068847656,646.0,448.805447016716,640.0]},{"page":3,"text":".","rect":[446.1055908203125,702.0,448.8652309522629,696.0]},{"page":3,"text":".","rect":[446.0557861328125,714.0,448.8154262647629,708.0]},{"page":3,"text":".","rect":[453.8066711425781,93.0,456.5663112745285,88.0]},{"page":3,"text":".","rect":[453.8465270996094,107.0,456.60616723155979,100.0]},{"page":3,"text":".","rect":[453.79669189453127,118.0,456.55633202648166,112.0]},{"page":3,"text":".","rect":[453.8265686035156,130.0,456.586208735466,124.0]},{"page":3,"text":".","rect":[453.866455078125,142.0,456.6260952100754,136.0]},{"page":3,"text":".","rect":[453.8465576171875,154.0,456.6061977491379,148.0]},{"page":3,"text":".","rect":[453.8166809082031,166.0,456.5763210401535,160.0]},{"page":3,"text":".","rect":[453.806640625,176.0,456.5662807569504,172.0]},{"page":3,"text":".","rect":[453.8365783691406,188.0,456.596218501091,184.0]},{"page":3,"text":".","rect":[453.8465576171875,202.0,456.6061977491379,196.0]},{"page":3,"text":".","rect":[453.88641357421877,214.0,456.64605370616916,208.0]},{"page":3,"text":".","rect":[453.866455078125,226.0,456.6260952100754,220.0]},{"page":3,"text":".","rect":[453.866455078125,238.0,456.6260952100754,232.0]},{"page":3,"text":".","rect":[453.8564758300781,250.0,456.6161159620285,244.0]},{"page":3,"text":".","rect":[453.8066711425781,326.0,456.5663112745285,322.0]},{"page":3,"text":".","rect":[453.8166198730469,338.0,456.57626000499729,334.0]},{"page":3,"text":".","rect":[453.8166198730469,351.0,456.57626000499729,345.0]},{"page":3,"text":".","rect":[453.8166198730469,362.0,456.57626000499729,357.0]},{"page":3,"text":".","rect":[453.8265686035156,375.0,456.586208735466,369.0]},{"page":3,"text":".","rect":[453.79669189453127,387.0,456.55633202648166,381.0]},{"page":3,"text":".","rect":[453.83660888671877,399.0,456.59624901866916,393.0]},{"page":3,"text":".","rect":[453.8166198730469,411.0,456.57626000499729,405.0]},{"page":3,"text":".","rect":[453.8465270996094,423.0,456.60616723155979,417.0]},{"page":3,"text":".","rect":[453.8066711425781,543.0,456.5663112745285,539.0]},{"page":3,"text":".","rect":[453.8365478515625,557.0,456.5961879835129,551.0]},{"page":3,"text":".","rect":[453.82659912109377,634.0,456.58623925304416,628.0]},{"page":3,"text":".","rect":[453.7867431640625,646.0,456.5463832960129,640.0]},{"page":3,"text":".","rect":[453.8465270996094,702.0,456.60616723155979,696.0]},{"page":3,"text":".","rect":[453.7967224121094,714.0,456.55636254405979,708.0]},{"page":3,"text":".","rect":[461.547607421875,93.0,464.3072475538254,88.0]},{"page":3,"text":".","rect":[461.58746337890627,107.0,464.34710351085666,100.0]},{"page":3,"text":".","rect":[461.5376281738281,118.0,464.2972683057785,112.0]},{"page":3,"text":".","rect":[461.5675048828125,130.0,464.3271450147629,124.0]},{"page":3,"text":".","rect":[461.6073913574219,142.0,464.36703148937229,136.0]},{"page":3,"text":".","rect":[461.5874938964844,154.0,464.34713402843479,148.0]},{"page":3,"text":".","rect":[461.5576171875,166.0,464.3172573194504,160.0]},{"page":3,"text":".","rect":[461.5475769042969,176.0,464.30721703624729,172.0]},{"page":3,"text":".","rect":[461.5775146484375,188.0,464.3371547803879,184.0]},{"page":3,"text":".","rect":[461.5874938964844,202.0,464.34713402843479,196.0]},{"page":3,"text":".","rect":[461.6273498535156,214.0,464.386989985466,208.0]},{"page":3,"text":".","rect":[461.6073913574219,226.0,464.36703148937229,220.0]},{"page":3,"text":".","rect":[461.6073913574219,238.0,464.36703148937229,232.0]},{"page":3,"text":".","rect":[461.597412109375,250.0,464.3570522413254,244.0]},{"page":3,"text":".","rect":[461.547607421875,326.0,464.3072475538254,322.0]},{"page":3,"text":".","rect":[461.55755615234377,338.0,464.31719628429416,334.0]},{"page":3,"text":".","rect":[461.55755615234377,351.0,464.31719628429416,345.0]},{"page":3,"text":".","rect":[461.55755615234377,362.0,464.31719628429416,357.0]},{"page":3,"text":".","rect":[461.5675048828125,375.0,464.3271450147629,369.0]},{"page":3,"text":".","rect":[461.5376281738281,387.0,464.2972683057785,381.0]},{"page":3,"text":".","rect":[461.5775451660156,399.0,464.337185297966,393.0]},{"page":3,"text":".","rect":[461.55755615234377,411.0,464.31719628429416,405.0]},{"page":3,"text":".","rect":[461.58746337890627,423.0,464.34710351085666,417.0]},{"page":3,"text":".","rect":[461.547607421875,543.0,464.3072475538254,539.0]},{"page":3,"text":".","rect":[461.5774841308594,557.0,464.33712426280979,551.0]},{"page":3,"text":".","rect":[461.5675354003906,634.0,464.327175532341,628.0]},{"page":3,"text":".","rect":[461.5276794433594,646.0,464.28731957530979,640.0]},{"page":3,"text":".","rect":[461.58746337890627,702.0,464.34710351085666,696.0]},{"page":3,"text":".","rect":[461.53765869140627,714.0,464.29729882335666,708.0]},{"page":3,"text":".","rect":[469.2885437011719,93.0,472.04818383312229,88.0]},{"page":3,"text":".","rect":[469.3283996582031,107.0,472.0880397901535,100.0]},{"page":3,"text":".","rect":[469.278564453125,118.0,472.0382045850754,112.0]},{"page":3,"text":".","rect":[469.3084411621094,130.0,472.06808129405979,124.0]},{"page":3,"text":".","rect":[469.34832763671877,142.0,472.10796776866916,136.0]},{"page":3,"text":".","rect":[469.32843017578127,154.0,472.08807030773166,148.0]},{"page":3,"text":".","rect":[469.2985534667969,166.0,472.05819359874729,160.0]},{"page":3,"text":".","rect":[469.28851318359377,176.0,472.04815331554416,172.0]},{"page":3,"text":".","rect":[469.3184509277344,188.0,472.07809105968479,184.0]},{"page":3,"text":".","rect":[469.32843017578127,202.0,472.08807030773166,196.0]},{"page":3,"text":".","rect":[469.3682861328125,214.0,472.1279262647629,208.0]},{"page":3,"text":".","rect":[469.34832763671877,226.0,472.10796776866916,220.0]},{"page":3,"text":".","rect":[469.34832763671877,238.0,472.10796776866916,232.0]},{"page":3,"text":".","rect":[469.3383483886719,250.0,472.09798852062229,244.0]},{"page":3,"text":".","rect":[469.2885437011719,326.0,472.04818383312229,322.0]},{"page":3,"text":".","rect":[469.2984924316406,338.0,472.058132563591,334.0]},{"page":3,"text":".","rect":[469.2984924316406,351.0,472.058132563591,345.0]},{"page":3,"text":".","rect":[469.2984924316406,362.0,472.058132563591,357.0]},{"page":3,"text":".","rect":[469.2984924316406,375.0,472.058132563591,369.0]},{"page":3,"text":".","rect":[469.278564453125,387.0,472.0382045850754,381.0]},{"page":3,"text":".","rect":[469.3184814453125,399.0,472.0781215772629,393.0]},{"page":3,"text":".","rect":[469.2984924316406,411.0,472.058132563591,405.0]},{"page":3,"text":".","rect":[469.3283996582031,423.0,472.0880397901535,417.0]},{"page":3,"text":".","rect":[469.2885437011719,543.0,472.04818383312229,539.0]},{"page":3,"text":".","rect":[469.31842041015627,557.0,472.07806054210666,551.0]},{"page":3,"text":".","rect":[469.3084716796875,634.0,472.0681118116379,628.0]},{"page":3,"text":".","rect":[469.26861572265627,646.0,472.02825585460666,640.0]},{"page":3,"text":".","rect":[469.3283996582031,702.0,472.0880397901535,696.0]},{"page":3,"text":".","rect":[469.2785949707031,714.0,472.0382351026535,708.0]},{"page":3,"text":".","rect":[477.02947998046877,93.0,479.78912011241916,88.0]},{"page":3,"text":".","rect":[477.0693359375,107.0,479.8289760694504,100.0]},{"page":3,"text":".","rect":[477.0195007324219,118.0,479.77914086437229,112.0]},{"page":3,"text":".","rect":[477.04937744140627,130.0,479.80901757335666,124.0]},{"page":3,"text":".","rect":[477.0892639160156,142.0,479.848904047966,136.0]},{"page":3,"text":".","rect":[477.0693664550781,154.0,479.8290065870285,148.0]},{"page":3,"text":".","rect":[477.03948974609377,166.0,479.79912987804416,160.0]},{"page":3,"text":".","rect":[477.0294494628906,176.0,479.789089594841,172.0]},{"page":3,"text":".","rect":[477.05938720703127,188.0,479.81902733898166,184.0]},{"page":3,"text":".","rect":[477.0693664550781,202.0,479.8290065870285,196.0]},{"page":3,"text":".","rect":[477.1092224121094,214.0,479.86886254405979,208.0]},{"page":3,"text":".","rect":[477.0892639160156,226.0,479.848904047966,220.0]},{"page":3,"text":".","rect":[477.0892639160156,238.0,479.848904047966,232.0]},{"page":3,"text":".","rect":[477.07928466796877,250.0,479.83892479991916,244.0]},{"page":3,"text":".","rect":[477.02947998046877,326.0,479.78912011241916,322.0]},{"page":3,"text":".","rect":[477.0394287109375,338.0,479.7990688428879,334.0]},{"page":3,"text":".","rect":[477.0394287109375,351.0,479.7990688428879,345.0]},{"page":3,"text":".","rect":[477.0394287109375,362.0,479.7990688428879,357.0]},{"page":3,"text":".","rect":[477.0394287109375,375.0,479.7990688428879,369.0]},{"page":3,"text":".","rect":[477.0195007324219,387.0,479.77914086437229,381.0]},{"page":3,"text":".","rect":[477.0594177246094,399.0,479.81905785655979,393.0]},{"page":3,"text":".","rect":[477.0394287109375,411.0,479.7990688428879,405.0]},{"page":3,"text":".","rect":[477.0693359375,423.0,479.8289760694504,417.0]},{"page":3,"text":".","rect":[477.02947998046877,543.0,479.78912011241916,539.0]},{"page":3,"text":".","rect":[477.0593566894531,557.0,479.8189968214035,551.0]},{"page":3,"text":".","rect":[477.0494079589844,634.0,479.80904809093479,628.0]},{"page":3,"text":".","rect":[477.0095520019531,646.0,479.7691921339035,640.0]},{"page":3,"text":".","rect":[477.0693359375,702.0,479.8289760694504,696.0]},{"page":3,"text":".","rect":[477.01953125,714.0,479.7791713819504,708.0]},{"page":3,"text":".","rect":[484.7704162597656,93.0,487.530056391716,88.0]},{"page":3,"text":".","rect":[484.8102722167969,107.0,487.56991234874729,100.0]},{"page":3,"text":".","rect":[484.76043701171877,118.0,487.52007714366916,112.0]},{"page":3,"text":".","rect":[484.7903137207031,130.0,487.5499538526535,124.0]},{"page":3,"text":".","rect":[484.8302001953125,142.0,487.5898403272629,136.0]},{"page":3,"text":".","rect":[484.810302734375,154.0,487.5699428663254,148.0]},{"page":3,"text":".","rect":[484.7804260253906,166.0,487.540066157341,160.0]},{"page":3,"text":".","rect":[484.7703857421875,176.0,487.5300258741379,172.0]},{"page":3,"text":".","rect":[484.7903747558594,188.0,487.55001488780979,184.0]},{"page":3,"text":".","rect":[484.810302734375,202.0,487.5699428663254,196.0]},{"page":3,"text":".","rect":[484.85015869140627,214.0,487.60979882335666,208.0]},{"page":3,"text":".","rect":[484.8302001953125,226.0,487.5898403272629,220.0]},{"page":3,"text":".","rect":[484.8302001953125,238.0,487.5898403272629,232.0]},{"page":3,"text":".","rect":[484.8202209472656,250.0,487.579861079216,244.0]},{"page":3,"text":".","rect":[484.7704162597656,326.0,487.530056391716,322.0]},{"page":3,"text":".","rect":[484.7803649902344,338.0,487.54000512218479,334.0]},{"page":3,"text":".","rect":[484.7803649902344,351.0,487.54000512218479,345.0]},{"page":3,"text":".","rect":[484.7803649902344,362.0,487.54000512218479,357.0]},{"page":3,"text":".","rect":[484.7803649902344,375.0,487.54000512218479,369.0]},{"page":3,"text":".","rect":[484.76043701171877,387.0,487.52007714366916,381.0]},{"page":3,"text":".","rect":[484.80035400390627,399.0,487.55999413585666,393.0]},{"page":3,"text":".","rect":[484.7803649902344,411.0,487.54000512218479,405.0]},{"page":3,"text":".","rect":[484.8102722167969,423.0,487.56991234874729,417.0]},{"page":3,"text":".","rect":[484.7704162597656,543.0,487.530056391716,539.0]},{"page":3,"text":".","rect":[484.80029296875,557.0,487.5599331007004,551.0]},{"page":3,"text":".","rect":[484.79034423828127,634.0,487.54998437023166,628.0]},{"page":3,"text":".","rect":[484.75048828125,646.0,487.5101284132004,640.0]},{"page":3,"text":".","rect":[484.8102722167969,702.0,487.56991234874729,696.0]},{"page":3,"text":".","rect":[484.7604675292969,714.0,487.52010766124729,708.0]},{"page":3,"text":".","rect":[492.5113525390625,93.0,495.2709926710129,88.0]},{"page":3,"text":".","rect":[492.55120849609377,107.0,495.31084862804416,100.0]},{"page":3,"text":".","rect":[492.5013732910156,118.0,495.261013422966,112.0]},{"page":3,"text":".","rect":[492.53125,130.0,495.2908901319504,124.0]},{"page":3,"text":".","rect":[492.5711364746094,142.0,495.33077660655979,136.0]},{"page":3,"text":".","rect":[492.5412902832031,154.0,495.3009304151535,148.0]},{"page":3,"text":".","rect":[492.5213623046875,166.0,495.2810024366379,160.0]},{"page":3,"text":".","rect":[492.5113220214844,176.0,495.27096215343479,172.0]},{"page":3,"text":".","rect":[492.53131103515627,188.0,495.29095116710666,184.0]},{"page":3,"text":".","rect":[492.5512390136719,202.0,495.31087914562229,196.0]},{"page":3,"text":".","rect":[492.5910949707031,214.0,495.3507351026535,208.0]},{"page":3,"text":".","rect":[492.5711364746094,226.0,495.33077660655979,220.0]},{"page":3,"text":".","rect":[492.5711364746094,238.0,495.33077660655979,232.0]},{"page":3,"text":".","rect":[492.5611572265625,250.0,495.3207973585129,244.0]},{"page":3,"text":".","rect":[492.5113525390625,326.0,495.2709926710129,322.0]},{"page":3,"text":".","rect":[492.52130126953127,338.0,495.28094140148166,334.0]},{"page":3,"text":".","rect":[492.52130126953127,351.0,495.28094140148166,345.0]},{"page":3,"text":".","rect":[492.52130126953127,362.0,495.28094140148166,357.0]},{"page":3,"text":".","rect":[492.52130126953127,375.0,495.28094140148166,369.0]},{"page":3,"text":".","rect":[492.5013732910156,387.0,495.261013422966,381.0]},{"page":3,"text":".","rect":[492.5412902832031,399.0,495.3009304151535,393.0]},{"page":3,"text":".","rect":[492.52130126953127,411.0,495.28094140148166,405.0]},{"page":3,"text":".","rect":[492.55120849609377,423.0,495.31084862804416,417.0]},{"page":3,"text":".","rect":[492.5113525390625,543.0,495.2709926710129,539.0]},{"page":3,"text":".","rect":[492.5412292480469,557.0,495.30086937999729,551.0]},{"page":3,"text":".","rect":[492.5312805175781,634.0,495.2909206495285,628.0]},{"page":3,"text":".","rect":[492.4914245605469,646.0,495.25106469249729,640.0]},{"page":3,"text":".","rect":[492.55120849609377,702.0,495.31084862804416,696.0]},{"page":3,"text":".","rect":[492.50140380859377,714.0,495.26104394054416,708.0]},{"page":3,"text":".","rect":[500.2522888183594,93.0,503.01192895030979,88.0]},{"page":3,"text":".","rect":[500.2921447753906,107.0,503.051784907341,100.0]},{"page":3,"text":".","rect":[500.2423095703125,118.0,503.0019497022629,112.0]},{"page":3,"text":".","rect":[500.2721862792969,130.0,503.03182641124729,124.0]},{"page":3,"text":".","rect":[500.31207275390627,142.0,503.07171288585666,136.0]},{"page":3,"text":".","rect":[500.2822265625,154.0,503.0418666944504,148.0]},{"page":3,"text":".","rect":[500.2622985839844,166.0,503.02193871593479,160.0]},{"page":3,"text":".","rect":[500.25225830078127,176.0,503.01189843273166,172.0]},{"page":3,"text":".","rect":[500.2722473144531,188.0,503.0318874464035,184.0]},{"page":3,"text":".","rect":[500.29217529296877,202.0,503.05181542491916,196.0]},{"page":3,"text":".","rect":[500.33203125,214.0,503.0916713819504,208.0]},{"page":3,"text":".","rect":[500.31207275390627,226.0,503.07171288585666,220.0]},{"page":3,"text":".","rect":[500.31207275390627,238.0,503.07171288585666,232.0]},{"page":3,"text":".","rect":[500.3020935058594,250.0,503.06173363780979,244.0]},{"page":3,"text":".","rect":[500.2522888183594,326.0,503.01192895030979,322.0]},{"page":3,"text":".","rect":[500.2622375488281,338.0,503.0218776807785,334.0]},{"page":3,"text":".","rect":[500.2622375488281,351.0,503.0218776807785,345.0]},{"page":3,"text":".","rect":[500.2622375488281,362.0,503.0218776807785,357.0]},{"page":3,"text":".","rect":[500.2622375488281,375.0,503.0218776807785,369.0]},{"page":3,"text":".","rect":[500.2423095703125,387.0,503.0019497022629,381.0]},{"page":3,"text":".","rect":[500.2822265625,399.0,503.0418666944504,393.0]},{"page":3,"text":".","rect":[500.2622375488281,411.0,503.0218776807785,405.0]},{"page":3,"text":".","rect":[500.2921447753906,423.0,503.051784907341,417.0]},{"page":3,"text":".","rect":[500.2522888183594,543.0,503.01192895030979,539.0]},{"page":3,"text":".","rect":[500.28216552734377,557.0,503.04180565929416,551.0]},{"page":3,"text":".","rect":[500.272216796875,634.0,503.0318569288254,628.0]},{"page":3,"text":".","rect":[500.23236083984377,646.0,502.99200097179416,640.0]},{"page":3,"text":".","rect":[500.2921447753906,702.0,503.051784907341,696.0]},{"page":3,"text":".","rect":[500.2423400878906,714.0,503.001980219841,708.0]},{"page":3,"text":".","rect":[507.99322509765627,93.0,510.75286522960666,88.0]},{"page":3,"text":".","rect":[508.0330810546875,107.0,510.7927211866379,100.0]},{"page":3,"text":".","rect":[507.9832458496094,118.0,510.74288598155979,112.0]},{"page":3,"text":".","rect":[508.01312255859377,130.0,510.77276269054416,124.0]},{"page":3,"text":".","rect":[508.0530090332031,142.0,510.8126491651535,136.0]},{"page":3,"text":".","rect":[508.0231628417969,154.0,510.78280297374729,148.0]},{"page":3,"text":".","rect":[508.00323486328127,166.0,510.76287499523166,160.0]},{"page":3,"text":".","rect":[507.9931945800781,176.0,510.7528347120285,172.0]},{"page":3,"text":".","rect":[508.01318359375,188.0,510.7728237257004,184.0]},{"page":3,"text":".","rect":[508.0331115722656,202.0,510.792751704216,196.0]},{"page":3,"text":".","rect":[508.0729675292969,214.0,510.83260766124729,208.0]},{"page":3,"text":".","rect":[508.0530090332031,226.0,510.8126491651535,220.0]},{"page":3,"text":".","rect":[508.0530090332031,238.0,510.8126491651535,232.0]},{"page":3,"text":".","rect":[508.04302978515627,250.0,510.80266991710666,244.0]},{"page":3,"text":".","rect":[507.99322509765627,326.0,510.75286522960666,322.0]},{"page":3,"text":".","rect":[508.003173828125,338.0,510.7628139600754,334.0]},{"page":3,"text":".","rect":[508.003173828125,351.0,510.7628139600754,345.0]},{"page":3,"text":".","rect":[508.003173828125,362.0,510.7628139600754,357.0]},{"page":3,"text":".","rect":[508.003173828125,375.0,510.7628139600754,369.0]},{"page":3,"text":".","rect":[507.9832458496094,387.0,510.74288598155979,381.0]},{"page":3,"text":".","rect":[508.0231628417969,399.0,510.78280297374729,393.0]},{"page":3,"text":".","rect":[508.003173828125,411.0,510.7628139600754,405.0]},{"page":3,"text":".","rect":[508.0330810546875,423.0,510.7927211866379,417.0]},{"page":3,"text":".","rect":[507.99322509765627,543.0,510.75286522960666,539.0]},{"page":3,"text":".","rect":[508.0131530761719,557.0,510.77279320812229,551.0]},{"page":3,"text":".","rect":[508.0131530761719,634.0,510.77279320812229,628.0]},{"page":3,"text":".","rect":[507.9732971191406,646.0,510.732937251091,640.0]},{"page":3,"text":".","rect":[508.0330810546875,702.0,510.7927211866379,696.0]},{"page":3,"text":".","rect":[507.9832763671875,714.0,510.7429164991379,708.0]},{"page":3,"text":".","rect":[515.734130859375,93.0,518.4937709913254,88.0]},{"page":3,"text":".","rect":[515.7740478515625,107.0,518.5336879835129,100.0]},{"page":3,"text":".","rect":[515.7241821289063,118.0,518.4838222608566,112.0]},{"page":3,"text":".","rect":[515.7540283203125,130.0,518.5136684522629,124.0]},{"page":3,"text":".","rect":[515.7939453125,142.0,518.5535854444504,136.0]},{"page":3,"text":".","rect":[515.7640991210938,154.0,518.5237392530441,148.0]},{"page":3,"text":".","rect":[515.744140625,166.0,518.5037807569504,160.0]},{"page":3,"text":".","rect":[515.734130859375,176.0,518.4937709913254,172.0]},{"page":3,"text":".","rect":[515.754150390625,188.0,518.5137905225754,184.0]},{"page":3,"text":".","rect":[515.7740478515625,202.0,518.5336879835129,196.0]},{"page":3,"text":".","rect":[515.8139038085938,214.0,518.5735439405441,208.0]},{"page":3,"text":".","rect":[515.7939453125,226.0,518.5535854444504,220.0]},{"page":3,"text":".","rect":[515.7939453125,238.0,518.5535854444504,232.0]},{"page":3,"text":".","rect":[515.783935546875,250.0,518.5435756788254,244.0]},{"page":3,"text":".","rect":[515.734130859375,326.0,518.4937709913254,322.0]},{"page":3,"text":".","rect":[515.744140625,338.0,518.5037807569504,334.0]},{"page":3,"text":".","rect":[515.744140625,351.0,518.5037807569504,345.0]},{"page":3,"text":".","rect":[515.744140625,362.0,518.5037807569504,357.0]},{"page":3,"text":".","rect":[515.744140625,375.0,518.5037807569504,369.0]},{"page":3,"text":".","rect":[515.7241821289063,387.0,518.4838222608566,381.0]},{"page":3,"text":".","rect":[515.7640991210938,399.0,518.5237392530441,393.0]},{"page":3,"text":".","rect":[515.744140625,411.0,518.5037807569504,405.0]},{"page":3,"text":".","rect":[515.7740478515625,423.0,518.5336879835129,417.0]},{"page":3,"text":".","rect":[515.734130859375,543.0,518.4937709913254,539.0]},{"page":3,"text":".","rect":[515.7540893554688,557.0,518.5137294874191,551.0]},{"page":3,"text":".","rect":[515.7540893554688,634.0,518.5137294874191,628.0]},{"page":3,"text":".","rect":[515.7142333984375,646.0,518.4738735303879,640.0]},{"page":3,"text":".","rect":[515.7740478515625,702.0,518.5336879835129,696.0]},{"page":3,"text":".","rect":[515.7242431640625,714.0,518.4838832960129,708.0]},{"page":3,"text":"34","rect":[528.54296875,82.06257629394531,539.9999792337418,75.427490234375]},{"page":3,"text":"34","rect":[529.60205078125,94.12718200683594,539.5646739006043,87.17328643798828]},{"page":3,"text":"34","rect":[529.6419677734375,106.08219909667969,539.6045908927918,99.12830352783203]},{"page":3,"text":"34","rect":[529.5921020507813,118.03721618652344,539.5547251701355,111.08332061767578]},{"page":3,"text":"35","rect":[529.6219482421875,129.9922332763672,539.5845713615418,123.1479263305664]},{"page":3,"text":"35","rect":[529.661865234375,141.94822692871095,539.6244883537293,135.1039276123047]},{"page":3,"text":"35","rect":[529.6420288085938,153.9032440185547,539.604651927948,147.05894470214845]},{"page":3,"text":"36","rect":[529.612060546875,165.85826110839845,539.5746836662293,159.0139617919922]},{"page":3,"text":"36","rect":[529.60205078125,177.8132781982422,539.5646739006043,170.96897888183595]},{"page":3,"text":"36","rect":[529.632080078125,189.76829528808595,539.5947031974793,182.9239959716797]},{"page":3,"text":"36","rect":[529.6419677734375,201.7233123779297,539.6045908927918,194.87901306152345]},{"page":3,"text":"37","rect":[529.6818237304688,213.67930603027345,539.644446849823,206.73538208007813]},{"page":3,"text":"37","rect":[529.661865234375,225.6343231201172,539.6244883537293,218.69039916992188]},{"page":3,"text":"38","rect":[529.661865234375,237.58934020996095,539.6244883537293,230.7450408935547]},{"page":3,"text":"38","rect":[529.65185546875,249.5443572998047,539.6144785881043,242.70005798339845]},{"page":3,"text":"40","rect":[528.54296875,271.3528137207031,539.9999792337418,264.71771240234377]},{"page":3,"text":"41","rect":[528.54296875,293.1711730957031,539.9999792337418,286.6357116699219]},{"page":3,"text":"41","rect":[528.54296875,315.08917236328127,539.9999792337418,308.5537109375]},{"page":3,"text":"41","rect":[529.60205078125,327.0441589355469,539.5646739006043,320.2994689941406]},{"page":3,"text":"41","rect":[529.612060546875,338.9991455078125,539.5746836662293,332.25445556640627]},{"page":3,"text":"42","rect":[529.612060546875,350.9541320800781,539.5746836662293,344.2094421386719]},{"page":3,"text":"42","rect":[529.612060546875,362.90911865234377,539.5746836662293,356.1644287109375]},{"page":3,"text":"44","rect":[529.612060546875,374.8641052246094,539.5746836662293,368.1194152832031]},{"page":3,"text":"45","rect":[529.5921020507813,387.0293273925781,539.5547251701355,380.0754089355469]},{"page":3,"text":"47","rect":[529.6320190429688,398.98431396484377,539.594642162323,392.0303955078125]},{"page":3,"text":"48","rect":[529.612060546875,410.9393005371094,539.5746836662293,403.9853820800781]},{"page":3,"text":"48","rect":[529.6419677734375,422.894287109375,539.6045908927918,415.94036865234377]},{"page":3,"text":"49","rect":[528.54296875,444.70269775390627,539.9999792337418,438.0675964355469]},{"page":3,"text":"49","rect":[528.54296875,466.6206970214844,539.9999792337418,459.985595703125]},{"page":3,"text":"49","rect":[528.4066162109375,488.5386962890625,539.863565659523,481.9035949707031]},{"page":3,"text":"50","rect":[528.4564208984375,510.4556884765625,539.913370347023,503.8305358886719]},{"page":3,"text":"50","rect":[528.54296875,532.3736572265625,539.9999792337418,525.74853515625]},{"page":3,"text":"50","rect":[529.60205078125,544.4382934570313,539.5646739006043,537.593994140625]},{"page":3,"text":"50","rect":[529.6320190429688,556.394287109375,539.594642162323,549.5499877929688]},{"page":3,"text":"54","rect":[528.54296875,578.20166015625,539.9999792337418,571.5665893554688]},{"page":3,"text":"54","rect":[528.38671875,600.11962890625,539.8436681985855,593.4845581054688]},{"page":3,"text":"54","rect":[528.426513671875,622.0376586914063,539.8835241556168,615.402587890625]},{"page":3,"text":"55","rect":[529.6220092773438,634.102294921875,539.584632396698,627.2579956054688]},{"page":3,"text":"56","rect":[529.5821533203125,646.0572509765625,539.5447764396668,639.2129516601563]},{"page":3,"text":"56","rect":[528.4165649414063,667.8656616210938,539.8735143899918,661.2405395507813]},{"page":3,"text":"57","rect":[528.3667602539063,689.78369140625,539.8237097024918,682.9493408203125]},{"page":3,"text":"57","rect":[529.6419677734375,701.8482666015625,539.6045908927918,694.904296875]},{"page":3,"text":"58","rect":[529.5921630859375,713.8032836914063,539.5547862052918,706.958984375]},{"page":4,"text":"2` 3","rect":[72.0,104.0,83.45698759555816,97.35443878173828]},{"page":4,"text":"22.3 Confgure TAK Server to use SSL . . . ..","rect":[86.94400024414063,84.00528717041016,294.05645409679416,74.82972717285156]},{"page":4,"text":"Appendix E: Proper Use of Trusted CAs","rect":[86.94390106201172,105.80272674560547,292.2332114973068,96.9061279296875]},{"page":4,"text":"..","rect":[299.0377502441406,83.0,309.5383266553879,76.0]},{"page":4,"text":"3","rect":[303.5090026855469,750.09716796875,308.4903025627136,743.2528686523438]},{"page":4,"text":".","rect":[314.5196228027344,83.0,317.27926293468479,76.0]},{"page":4,"text":".","rect":[322.26055908203127,83.0,325.02019921398166,76.0]},{"page":4,"text":".","rect":[330.0014953613281,83.0,332.7611354932785,76.0]},{"page":4,"text":".","rect":[337.742431640625,83.0,340.5020717725754,76.0]},{"page":4,"text":".","rect":[345.4833679199219,83.0,348.24300805187229,76.0]},{"page":4,"text":".","rect":[353.21435546875,83.0,355.9739956007004,76.0]},{"page":4,"text":".","rect":[360.9552917480469,83.0,363.71493187999729,76.0]},{"page":4,"text":".","rect":[368.69622802734377,83.0,371.45586815929416,76.0]},{"page":4,"text":".","rect":[376.4371643066406,83.0,379.196804438591,76.0]},{"page":4,"text":".","rect":[384.1781005859375,83.0,386.9377407178879,76.0]},{"page":4,"text":".","rect":[391.9190368652344,83.0,394.67867699718479,76.0]},{"page":4,"text":".","rect":[399.65997314453127,83.0,402.41961327648166,76.0]},{"page":4,"text":".","rect":[407.4009094238281,83.0,410.1605495557785,76.0]},{"page":4,"text":".","rect":[415.141845703125,83.0,417.9014858350754,76.0]},{"page":4,"text":".","rect":[422.8827819824219,83.0,425.64242211437229,76.0]},{"page":4,"text":".","rect":[430.62371826171877,83.0,433.38335839366916,76.0]},{"page":4,"text":".","rect":[438.3646545410156,83.0,441.124294672966,76.0]},{"page":4,"text":".","rect":[446.1055908203125,83.0,448.8652309522629,76.0]},{"page":4,"text":".","rect":[453.8465270996094,83.0,456.60616723155979,76.0]},{"page":4,"text":".","rect":[461.58746337890627,83.0,464.34710351085666,76.0]},{"page":4,"text":".","rect":[469.3283996582031,83.0,472.0880397901535,76.0]},{"page":4,"text":".","rect":[477.0693359375,83.0,479.8289760694504,76.0]},{"page":4,"text":".","rect":[484.8102722167969,83.0,487.56991234874729,76.0]},{"page":4,"text":".","rect":[492.55120849609377,83.0,495.31084862804416,76.0]},{"page":4,"text":".","rect":[500.2921447753906,83.0,503.051784907341,76.0]},{"page":4,"text":".","rect":[508.0330810546875,83.0,510.7927211866379,76.0]},{"page":4,"text":".","rect":[515.7740478515625,83.0,518.5336879835129,76.0]},{"page":4,"text":"59","rect":[529.6419677734375,82.17216491699219,539.6045908927918,75.3278579711914]},{"page":4,"text":"60","rect":[528.3966674804688,103.97956848144531,539.8536169290543,97.35443878173828]},{"page":5,"text":"1 About TAK Server","rect":[72.0,82.12075805664063,231.44365518474579,71.92060852050781]},{"page":5,"text":"`TAK Server is a situational awareness server, that provides a dynamic Common Operating Picture to users","rect":[71.64099884033203,105.8252944946289,539.5531560631735,96.64973449707031]},{"page":5,"text":"o` f the Team Awareness Kit, including ATAK (Android), WinTAK (Windows) and WebTAK. TAK enables","rect":[72.0,118.2197036743164,539.5895439263188,108.2670669555664]},{"page":5,"text":"`sharing of geolocated information in real time for military forces, law enforcement, and emergency responders.","rect":[72.0,129.73635864257813,541.4609171085099,120.67039489746094]},{"page":5,"text":"`It supports both wireless and wired networks, as well as cloud and data center deployment.","rect":[72.0,141.68141174316407,470.36446801280979,132.73500061035157]},{"page":5,"text":"2` Change Log","rect":[72.0,175.4642791748047,180.2277255268097,162.58139038085938]},{"page":5,"text":"S` ee https://wiki.tak.gov/display/DEV/TAK+Server+Change+Log","rect":[72.0,196.89572143554688,365.3786082267761,186.94308471679688]},{"page":5,"text":"3` System Requirements","rect":[72.0,230.21597290039063,249.72070778179168,217.34744262695313]},{"page":5,"text":"3` .1 Supported Operating Systems","rect":[72.0,253.5660858154297,279.82923474121096,242.830322265625]},{"page":5,"text":"• Rocky Linux 8 (Replacement for CentOS 8, which is EOL)","rect":[84.1760025024414,272.0447692871094,353.7129008140564,262.0921325683594]},{"page":5,"text":"• Red Hat Enterprise Linux (RHEL) 8 or 7","rect":[84.1760025024414,283.9997253417969,277.8875803947449,274.0470886230469]},{"page":5,"text":"• Ubuntu 22","rect":[84.1760025024414,293.68328857421877,143.36260175704957,286.5600280761719]},{"page":5,"text":"• Raspberry Pi OS (64-bit)","rect":[84.1760025024414,307.9097595214844,207.87043255233764,297.9571228027344]},{"page":5,"text":"• CentOS 7 (not CentOS 8 Stream)","rect":[84.1760025024414,319.86474609375,247.06684368515014,309.912109375]},{"page":5,"text":"Java 17 is required. Java 17 is installed by default via package dependencies, but if your system has a diferent","rect":[71.74099731445313,337.3593444824219,539.7861038090036,328.29339599609377]},{"page":5,"text":"Java version installed in addition to Java 17, ensure that TAK Server is using Java 17.","rect":[71.74099731445313,349.3143310546875,449.65218773937229,340.1387939453125]},{"page":5,"text":"3` .2 Server Requirements","rect":[72.0,377.4683532714844,225.56454052734376,366.8162841796875]},{"page":5,"text":"• `4 processor cores","rect":[84.17599487304688,395.4727783203125,170.08198732566835,386.8052978515625]},{"page":5,"text":"• 8 GB RAM","rect":[84.17599487304688,405.7142333984375,147.3277219657898,398.3717956542969]},{"page":5,"text":"• `40 GB disk storage","rect":[84.17599487304688,419.5023498535156,179.86525830459596,410.4364013671875]},{"page":5,"text":"F` or Raspberry Pi installations, a Pi 4, Model B, Quad-Core 64-bit 8GB RAM version is recommended for a","rect":[72.0,437.4253845214844,539.589581721609,428.2597961425781]},{"page":5,"text":"m` inimal TAK Server setup (TAK Server messaging and api services with local PostgreSQL database)","rect":[72.0,449.82867431640627,514.9271036949158,439.87603759765627]},{"page":5,"text":"N` OTE: Insecure ports are a potential security risk and may allow attackers to gain access to","rect":[72.0,467.27349853515627,539.7498130869699,458.3370361328125]},{"page":5,"text":"t` he system resulting in the disclosure of personal and sensitive information. Use of unencrypted","rect":[72.0,479.228515625,539.6449095463207,470.2621765136719]},{"page":5,"text":"p` orts should be avoided to ensure a secure TAK Server deployment.","rect":[72.0,491.1735534667969,415.61001512241367,482.23712158203127]},{"page":5,"text":"3` .3 AWS / GovCloud Recommended Instance Type","rect":[72.0,520.056884765625,385.97939221191407,508.1136169433594]},{"page":5,"text":"• c5.xlarge","rect":[84.1760025024414,537.5113525390625,135.3626337928772,528.554931640625]},{"page":5,"text":"– 4` vCPU","rect":[108.11499786376953,547.6332397460938,153.46465611457826,540.400390625]},{"page":5,"text":"– 8 GB RAM","rect":[108.11499786376953,559.5882568359375,169.2447141532898,552.2457885742188]},{"page":5,"text":"– Up to 10 Gbps network bandwidth","rect":[108.11499786376953,573.2567749023438,271.0624765062332,564.3103637695313]},{"page":5,"text":"• For 2-server installation, use this instance type for both servers.","rect":[84.17599487304688,585.3223876953125,375.39153710460666,576.2664184570313]},{"page":5,"text":"`TAK Server is a TLS-enabled networking server. In order to ensure consistent performance, burstable AWS","rect":[71.64099884033203,603.2643432617188,539.5443212850773,594.0887451171875]},{"page":5,"text":"E` C2 instance types such as T2 are not recommended. TLS and TCP processing requires consistent, continuous","rect":[72.0,615.2193603515625,539.5666077248243,606.1533813476563]},{"page":5,"text":"C` PU performance. C4 and C5 instances are designed for predictable CPU performance, and are better-suited","rect":[72.0,627.1753540039063,539.5764339907502,618.109375]},{"page":5,"text":"f` or TAK Server deployments.","rect":[72.0,639.120361328125,199.31205407238009,629.9547729492188]},{"page":5,"text":"M` ore information about instance types may be found here: https://aws.amazon.com/ec2/instance-types","rect":[72.0,657.501708984375,526.6730060024262,647.549072265625]},{"page":5,"text":"U` sage of larger instance types or physical servers is supported for scalability, to support more","rect":[72.0,674.9454956054688,539.6826481030738,665.9791870117188]},{"page":5,"text":"c` oncurrent active users.","rect":[72.0,684.9578247070313,191.22244188022615,678.0836181640625]},{"page":5,"text":"4","rect":[303.5090026855469,749.8880004882813,308.4903025627136,743.143310546875]},{"page":6,"text":"`4 Installation","rect":[72.0,82.03468322753906,176.19644701480866,72.0066909790039]},{"page":6,"text":"`4.1 Overview and Installer Files","rect":[72.0,105.9074478149414,268.57938732910159,97.43121337890625]},{"page":6,"text":"T` AK Server supports multiple deployment confgurations: - Single server install: One server running TAK","rect":[71.64099884033203,126.20731353759766,540.2816779972066,117.03175354003906]},{"page":6,"text":"S` erver core (messaging, API, plugins and database): recommended for fewer than 500 users. - `Two server","rect":[72.0,138.60067749023438,539.9760910871288,128.64804077148438]},{"page":6,"text":"install: `One server running TAK Server core (messaging, API, plugins and database) and a second server","rect":[72.0,150.55661010742188,539.8092081615222,140.60397338867188]},{"page":6,"text":"r` unning PostgreSQL database: recommended for more than 500 users. - C` ontainerized docker install: One","rect":[72.0,162.07333374023438,539.9826315676002,153.0073699951172]},{"page":6,"text":"c` ontainer running TAK Server core (messaging, API, plugins and database) and another container running Post-","rect":[72.0,174.46664428710938,541.2165879335126,164.51400756835938]},{"page":6,"text":"`greSQL database (designed for operating systems other than CentOS 7 / RHEL 7). Hardened containers are","rect":[72.0,186.42172241210938,539.5975864135919,176.46908569335938]},{"page":6,"text":"`published to both tak.gov and IronBank (see https://ironbank.dso.mil/repomap?searchText=tak%20server).","rect":[72.0,198.37667846679688,541.2202289817792,188.42404174804688]},{"page":6,"text":"`The following installation fles are provided:","rect":[71.64099884033203,215.87136840820313,263.10223046398166,206.80540466308595]},{"page":6,"text":"4` .1.1 Installer for single-server install","rect":[72.0,241.71755981445313,266.55960008335117,232.751220703125]},{"page":6,"text":"• RHEL/Rocky/CentOS: takserver-5.2-RELEASE-x.noarch.rpm","rect":[84.17599487304688,260.5946960449219,379.9003477811813,250.64205932617188]},{"page":6,"text":"• Ubuntu/RaspPi: takserver_5.2-RELEASE-x_all.deb","rect":[84.1760025024414,272.5497131347656,335.7602720975876,262.5970764160156]},{"page":6,"text":"4.1.2 Database installer for two-server install","rect":[71.99999237060547,296.01483154296877,304.87579271030429,288.9912109375]},{"page":6,"text":"• RHEL/Rocky/CentOS: takserver-database-5.2-RELEASE-x.noarch.rpm","rect":[84.17599487304688,316.834716796875,426.9735899686813,306.882080078125]},{"page":6,"text":"• Ubuntu/RaspPi: takserver-database_5.2-RELEASE-x_all.deb","rect":[84.17598724365235,328.78973388671877,382.8335142850876,318.83709716796877]},{"page":6,"text":"4.1.3 Core installer for two-server install","rect":[71.9999771118164,352.3046875,282.77871629428867,345.2312316894531]},{"page":6,"text":"• RHEL/Rocky/CentOS: takserver-core-5.2-RELEASE-x.noarch.rpm","rect":[84.17597961425781,373.0747375488281,406.0521422147751,363.1221008300781]},{"page":6,"text":"• Ubuntu/RaspPi: takserver-core_5.2-RELEASE-x_all.deb","rect":[84.17597198486328,385.0307312011719,361.9120360136032,375.0780944824219]},{"page":6,"text":"4.1.4 Containerized docker install bundle","rect":[71.99996185302735,408.5447082519531,285.0302583322525,401.5011291503906]},{"page":6,"text":"• takserver-docker-5.2-RELEASE-x.zip","rect":[84.17596435546875,429.0367736816406,274.7393065214157,420.62835693359377]},{"page":6,"text":"4.1.5 Containerized hardeneded docker install bundle","rect":[71.99996185302735,452.8296813964844,346.6588899240494,445.7861022949219]},{"page":6,"text":"• takserver-docker-hardened-5.2-RELEASE-x.zip","rect":[84.17596435546875,473.32177734375,321.8125792264938,464.9133605957031]},{"page":6,"text":"4.1.6 Installer for federation hub (beta)","rect":[71.99996185302735,499.48577880859377,277.7176863870621,489.5430908203125]},{"page":6,"text":"• RHEL/Rocky/CentOS: takserver-fed-hub-5.2-RELEASE-x.noarch.rpm","rect":[84.17596435546875,517.8857421875,421.7432127714157,507.9330749511719]},{"page":6,"text":"• Ubuntu/RaspPi: takserver-fed-hub_5.2-RELEASE-x_all.deb","rect":[84.17595672607422,529.8406982421875,377.6031065702438,519.8880615234375]},{"page":6,"text":"Federation hub documentation available here: https://wiki.tak.gov/display/TPC/Federation+Hub","rect":[71.99994659423828,547.7737426757813,501.9458383226395,537.8211059570313]},{"page":6,"text":"4.1.7 Verifying GPG signatures","rect":[71.99994659423828,573.1804809570313,236.76140973949433,564.2141723632813]},{"page":6,"text":"4.1.7.1 Verifying GPG Signatures on RPM Packages","rect":[71.99994659423828,591.5704956054688,343.3014488019943,582.6041870117188]},{"page":6,"text":"T` he GPG public key for TAK Server can be found under https://artifacts.tak.gov/ui/repos/tree/General/TAKServer/release/","rect":[71.64099884033203,609.99072265625,601.2439786621342,600.0380859375]},{"page":6,"text":"S` elect the TAK Server release version and download the fle takserver-public-gpg.key","rect":[72.0,627.475341796875,438.785046916008,618.3097534179688]},{"page":6,"text":"`Import the key to the RPM key management:","rect":[72.0,645.4183349609375,272.48736229991916,636.4619140625]},{"page":6,"text":"s` udo","rect":[72.0,662.0,92.9214583158493,655.2218017578125]},{"page":6,"text":"rpm","rect":[98.15182495117188,663.5106811523438,113.84292132854462,656.955322265625]},{"page":6,"text":"--import","rect":[119.07328796386719,663.5106811523438,160.91620166301727,655.2816162109375]},{"page":6,"text":"takserver-public-gpg.key","rect":[166.1465606689453,663.5804443359375,291.6752501249313,655.2218017578125]},{"page":6,"text":"`Verifying signature for the rpm installer package:","rect":[71.62100219726563,687.2613525390625,286.11578026866916,678.1953735351563]},{"page":6,"text":"r` pm","rect":[72.0,705.3536987304688,87.69109637737275,698.0]},{"page":6,"text":"--checksig","rect":[92.92146301269531,705.4234619140625,145.22511584758758,697.0648193359375]},{"page":6,"text":"takserver-5.2-RELEASE<version>.noarch.rpm","rect":[150.45547485351563,705.3536987304688,364.9004088163376,696.9452514648438]},{"page":6,"text":"5","rect":[303.5090026855469,750.0972290039063,308.4903025627136,743.2529296875]},{"page":7,"text":"E` xample of a successful output:","rect":[72.0,83.88573455810547,210.26095238780978,74.93931579589844]},{"page":7,"text":"`takserver-5.2-RELEASE28.noarch.rpm:","rect":[72.0,102.09675598144531,255.0627165555954,93.68831634521485]},{"page":7,"text":"rsa","rect":[260.2930908203125,101.0,275.9841490507126,94.0]},{"page":7,"text":"sha1","rect":[281.21453857421877,101.0,302.13597400188447,93.69828033447266]},{"page":7,"text":"(md5)","rect":[307.3663330078125,101.0,333.5181456327438,92.98097229003906]},{"page":7,"text":"pgp","rect":[338.74853515625,102.16648864746094,354.4396544218063,95.49154663085938]},{"page":7,"text":"md5","rect":[359.6700439453125,101.0,375.3611632108688,93.80786895751953]},{"page":7,"text":"OK","rect":[380.591552734375,99.99464416503906,391.0522948026657,93.69828033447266]},{"page":7,"text":"`Example of a failed output:","rect":[72.0,125.72881317138672,191.85007897472384,116.78239440917969]},{"page":7,"text":"t` akserver-5.2-RELEASE28.noarch.rpm:","rect":[72.0,143.93971252441407,255.0627165555954,135.53128051757813]},{"page":7,"text":"(MISSING","rect":[72.0,154.50100708007813,113.84292132854462,146.7799835205078]},{"page":7,"text":"KEYS:","rect":[119.07328796386719,153.7936553955078,145.22511584758758,147.49729919433595]},{"page":7,"text":"(MD5)","rect":[150.45547485351563,154.50100708007813,176.60728747844696,146.7799835205078]},{"page":7,"text":"PGP#6851f5b5)","rect":[181.837646484375,155.95553588867188,249.832644534111,146.7799835205078]},{"page":7,"text":"RSA","rect":[260.2930908203125,141.8376007080078,275.9841490507126,135.53128051757813]},{"page":7,"text":"sha1","rect":[281.21453857421877,142.0,302.13597400188447,135.54124450683595]},{"page":7,"text":"((MD5)","rect":[307.3663330078125,142.54495239257813,338.74852283000947,134.8239288330078]},{"page":7,"text":"PGP)","rect":[343.9789123535156,142.54495239257813,364.9004088163376,134.8239288330078]},{"page":7,"text":"md5","rect":[370.13079833984377,142.0,385.8219176054001,135.6508331298828]},{"page":7,"text":"NOT","rect":[391.05230712890627,141.8376007080078,406.7434263944626,135.54124450683595]},{"page":7,"text":"OK","rect":[411.97381591796877,141.8376007080078,422.43455798625947,135.54124450683595]},{"page":7,"text":"If the RPM packages were not signed with a GPG key, the output might look like:","rect":[71.99999237060547,179.64633178710938,432.38705102062229,170.5803680419922]},{"page":7,"text":"t` akserver-5.2-RELEASE25.noarch.rpm:","rect":[72.0,197.7387237548828,255.0627165555954,189.33029174804688]},{"page":7,"text":"sha1","rect":[260.2930908203125,196.0,281.2145262479782,189.3402557373047]},{"page":7,"text":"md5","rect":[286.44488525390627,196.0,302.13597400188447,189.44984436035157]},{"page":7,"text":"OK","rect":[307.3663330078125,195.63661193847657,317.8270445585251,189.3402557373047]},{"page":7,"text":"4` .1.7.2 Verifying GPG signatures","rect":[72.0,229.40249633789063,245.66802595043183,220.4361572265625]},{"page":7,"text":"S` elect the appropriate","rect":[72.0,247.2657928466797,173.2730162671777,238.3193817138672]},{"page":7,"text":"deb_policy.pol","rect":[71.23599243164063,259.3303527832031,132.83474394321443,250.38392639160157]},{"page":7,"text":"Install the debsig-verify utility:","rect":[71.99999237060547,277.2732849121094,207.27218285655978,268.20733642578127]},{"page":7,"text":"s` udo apt install debsig-verify","rect":[72.0,295.43450927734377,228.91090686321258,287.01611328125]},{"page":7,"text":"on","rect":[249.48370361328126,228.0,261.568342622757,222.0]},{"page":7,"text":"DEB","rect":[265.384033203125,227.40997314453126,289.8322374095917,220.57562255859376]},{"page":7,"text":"packages","rect":[293.6479187011719,229.40249633789063,337.45348737621307,220.4959259033203]},{"page":7,"text":"the","rect":[376.4591979980469,246.0,390.54350882088866,238.42897033691407]},{"page":7,"text":"fle","rect":[395.482177734375,246.0,408.44869070565428,238.3193817138672]},{"page":7,"text":"takserver-public-gpg.key","rect":[413.7080078125,247.37538146972657,518.0397040609959,238.42897033691407]},{"page":7,"text":"and","rect":[523.6279907226563,245.44264221191407,539.9885824982788,238.42897033691407]},{"page":7,"text":"U` sing the ID within the deb_policy.pol fle, ex. 039FCDA2D8907527, run the following","rect":[72.0,319.1163330078125,454.61015883303159,309.9407958984375]},{"page":7,"text":"s` igned TAK Server deb resources:","rect":[72.0,331.0713195800781,218.79891625499728,321.8957824707031]},{"page":7,"text":"s` udo mkdir /usr/share/debsig/keyrings/039FCDA2D8907527","rect":[72.0,349.2334899902344,354.4396544218063,340.0479736328125]},{"page":7,"text":"s` udo mkdir /etc/debsig/policies/039FCDA2D8907527","rect":[72.0,361.1885070800781,323.0574217557907,352.00299072265627]},{"page":7,"text":"s` udo touch /usr/share/debsig/keyrings/039FCDA2D8907527/debsig.gpg","rect":[72.0,373.14349365234377,411.9738035917282,363.9579772949219]},{"page":7,"text":"s` udo","rect":[72.0,384.0,92.9214583158493,376.7398376464844]},{"page":7,"text":"gpg","rect":[98.15182495117188,385.0984802246094,113.84292132854462,378.42352294921877]},{"page":7,"text":"--no-default-keyring","rect":[119.07328796386719,385.0984802246094,223.680544924736,376.6800842285156]},{"page":7,"text":"--keyring","rect":[228.91090393066407,385.0984802246094,275.9841490507126,376.7398376464844]},{"page":7,"text":"/usr/share/debsig/keyrings/039FCDA2D8907527/debsig.gpg","rect":[91.92499542236328,397.053466796875,374.3646422147751,387.8679504394531]},{"page":7,"text":"--import","rect":[379.59503173828127,396.98370361328127,421.4380369901657,388.7546081542969]},{"page":7,"text":"takserver-public-gpg.key","rect":[91.92499542236328,409.00946044921877,217.45372302532196,400.65081787109377]},{"page":7,"text":"`sudo","rect":[72.0,419.0,92.9214583158493,412.6058654785156]},{"page":7,"text":"cp","rect":[98.15182495117188,420.8947448730469,108.61255176067353,413.0]},{"page":7,"text":"deb_policy.pol","rect":[113.84292602539063,420.95452880859377,187.06801135540008,412.6058654785156]},{"page":7,"text":"/etc/debsig/policies/039FCDA2D8907527/debsig.pol","rect":[192.29837036132813,420.9645080566406,443.35606677532197,411.77899169921877]},{"page":7,"text":"`debsig-verify","rect":[72.0,432.91949462890627,139.994753909111,424.5010986328125]},{"page":7,"text":"-v","rect":[145.22511291503907,431.0,155.6858397245407,426.0]},{"page":7,"text":"takserver-5.2-RELEASE_all.deb","rect":[160.91619873046876,431.0,312.5966978788376,424.4413146972656]},{"page":7,"text":"command","rect":[457.934326171875,318.0,500.0605953964619,310.15997314453127]},{"page":7,"text":"to","rect":[503.3747863769531,318.0,512.2392481885004,310.947021484375]},{"page":7,"text":"verify","rect":[515.5634155273438,319.10638427734377,539.950731921734,310.0503845214844]},{"page":7,"text":"`Confrm signature verifcation by identifying statement:","rect":[72.0,456.600341796875,314.34026757335666,447.5343933105469]},{"page":7,"text":"`debsig:","rect":[72.0,474.7624816894531,108.61255176067353,466.4038391113281]},{"page":7,"text":"Verified","rect":[113.84292602539063,473.0,155.6858397245407,466.3440856933594]},{"page":7,"text":"package","rect":[160.91619873046876,474.7624816894531,197.5287352323532,466.4038391113281]},{"page":7,"text":"from","rect":[202.75909423828126,473.0,223.680544924736,466.3440856933594]},{"page":7,"text":"’TAK","rect":[228.91090393066407,472.4909973144531,249.83235461711883,466.2843017578125]},{"page":7,"text":"Product","rect":[255.06272888183595,472.5408020019531,291.67528064250947,466.4038391113281]},{"page":7,"text":"Center’","rect":[296.9056701660156,472.59063720703127,333.5182371854782,466.29425048828127]},{"page":7,"text":"(TAK","rect":[338.7486267089844,473.2979736328125,359.6700926542282,465.57696533203127]},{"page":7,"text":"Server","rect":[364.90045166015627,472.59063720703127,396.2826414823532,466.29425048828127]},{"page":7,"text":"Release)","rect":[401.51300048828127,473.2979736328125,443.3559141874313,465.57696533203127]},{"page":7,"text":"4` .2","rect":[72.0,506.35699462890627,89.1676674194336,498.490478515625]},{"page":7,"text":"New Installation: One Server","rect":[102.61726379394531,506.4884948730469,275.42969763183597,498.01226806640627]},{"page":7,"text":"4` .2.1 Prerequisites","rect":[72.0,526.6687622070313,172.2436790266037,517.91162109375]},{"page":7,"text":"S` tart with a fresh install of a supported OS. For AWS / cloud installation, see recommended instance type","rect":[72.0,545.61572265625,539.5284614416033,535.6630859375]},{"page":7,"text":"o` n page 5. An OS install with a GUI is recommended, so that a web browser can be run locally to confgure","rect":[72.0,557.1333618164063,539.6200116990539,547.957763671875]},{"page":7,"text":"`TAK Server.","rect":[71.64099884033203,567.2552490234375,126.43529931163788,559.9127807617188]},{"page":7,"text":"`Increase system limit for number of concurrent TCP connections (do once):","rect":[72.0,587.459716796875,401.492947016716,577.507080078125]},{"page":7,"text":"echo -e \"*","rect":[72.0,602.9608154296875,124.30382068157197,596.7142944335938]},{"page":7,"text":"soft","rect":[145.22528076171876,602.9608154296875,166.14674670696258,596.7640991210938]},{"page":7,"text":"nofile 32768\\n*","rect":[187.06820678710938,603.7279663085938,265.52366931438447,595.9969482421875]},{"page":7,"text":"hard","rect":[286.44512939453127,602.9608154296875,307.3665953397751,596.8238525390625]},{"page":7,"text":"/etc/security/limits.conf > /dev/null","rect":[91.92499542236328,617.1275024414063,285.4484434843063,607.951904296875]},{"page":7,"text":"sudo tee --append","rect":[411.9739074707031,605.1127319335938,500.8900938749313,596.8238525390625]},{"page":7,"text":"4` .2.2 TAK Server Installation","rect":[72.0,646.839599609375,228.17370456123354,639.7860717773438]},{"page":7,"text":"4` .2.2.1 Rocky Linux8","rect":[72.0,667.1115112304688,189.26975462436676,658.2149047851563]},{"page":7,"text":"`Install EPEL (EPEL provides certain dependencies required by PostgreSQL.) Install postgres yum repository.","rect":[72.0,685.542724609375,541.4217325381974,675.590087890625]},{"page":7,"text":"I` nstall java 17. Disable the postgresql module (so the later postgresql and postgis specifc versions aren’t","rect":[72.0,697.4976806640625,539.7805059245779,687.5450439453125]},{"page":7,"text":"`inaccessible due to ‘modular fltering’). Enable PowerTools (needed for dependencies of postgis.) Install TAK","rect":[72.0,709.4526977539063,539.9083869815816,699.5000610351563]},{"page":7,"text":"s` erver. Apply SELinux takserver-policy.","rect":[72.0,720.9593505859375,246.07650414562228,711.7937622070313]},{"page":7,"text":"6","rect":[303.5090026855469,750.0972290039063,308.4903025627136,743.2529296875]},{"page":8,"text":"Note that when installing postgres, you may run into issues related to the GPG key – if you need to update","rect":[71.44000244140625,83.99532318115235,539.7154564288359,74.93931579589844]},{"page":8,"text":"the key, you can modify the postgres installation command based on your operating system according to the","rect":[71.23599243164063,95.9503402709961,539.7217430499296,86.89433288574219]},{"page":8,"text":"g` uidelines here: https://yum.postgresql.org/news/pgdg-rpm-repo-gpg-key-update/","rect":[71.3070068359375,108.35367584228516,419.71900126743318,98.40103912353516]},{"page":8,"text":"`sudo","rect":[72.0,123.0,92.9214583158493,116.64386749267578]},{"page":8,"text":"dnf","rect":[98.15182495117188,123.0,113.84292132854462,116.58409118652344]},{"page":8,"text":"install","rect":[119.07328796386719,123.0,155.6858397245407,116.64386749267578]},{"page":8,"text":"epel-release","rect":[160.91619873046876,124.93275451660156,223.680544924736,116.64386749267578]},{"page":8,"text":"-y","rect":[228.91090393066407,124.9925308227539,239.3716307401657,118.0]},{"page":8,"text":"`sudo dnf install -y","rect":[72.0,136.94747924804688,171.3769255399704,128.53904724121095]},{"page":8,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,148.9134979248047,609.7315855741501,139.7279815673828]},{"page":8,"text":"`sudo dnf -qy module disable postgresql && sudo dnf update -y","rect":[72.0,160.8684539794922,385.8219176054001,152.40025329589845]},{"page":8,"text":"s` udo","rect":[72.0,171.0,92.9214583158493,164.46485900878907]},{"page":8,"text":"dnf","rect":[98.15182495117188,171.0,113.84292132854462,164.4050750732422]},{"page":8,"text":"install","rect":[119.07328796386719,171.0,155.6858397245407,164.46485900878907]},{"page":8,"text":"java-17-openjdk-devel","rect":[160.91619873046876,172.81350708007813,270.7538023710251,164.30545043945313]},{"page":8,"text":"-y","rect":[275.9841613769531,172.81350708007813,286.4449034452438,166.0]},{"page":8,"text":"s` udo","rect":[72.0,183.0,92.9214583158493,176.41981506347657]},{"page":8,"text":"dnf","rect":[98.15182495117188,183.0,113.84292132854462,176.3600311279297]},{"page":8,"text":"config-manager","rect":[119.07328796386719,184.77842712402345,192.29837329387665,176.3600311279297]},{"page":8,"text":"--set-enabled","rect":[197.5287322998047,183.0,265.52391345500947,176.41981506347657]},{"page":8,"text":"powertools","rect":[270.7542724609375,184.7086944580078,323.0579100370407,176.41981506347657]},{"page":8,"text":"`sudo","rect":[72.0,195.0,92.9214583158493,188.3748321533203]},{"page":8,"text":"dnf","rect":[98.15182495117188,195.0,113.84292132854462,188.31504821777345]},{"page":8,"text":"install","rect":[119.07328796386719,195.0,155.6858397245407,188.3748321533203]},{"page":8,"text":"takserver-5.2-RELEASEx.noarch.rpm","rect":[160.91619873046876,196.66371154785157,333.5181456327438,188.25527954101563]},{"page":8,"text":"-y","rect":[338.74853515625,196.72348022460938,349.2092772245407,190.0]},{"page":8,"text":"s` udo dnf install checkpolicy","rect":[72.0,208.67849731445313,218.45018298625946,200.2700653076172]},{"page":8,"text":"cd","rect":[72.0,218.4228057861328,82.46072680950165,212.2858428955078]},{"page":8,"text":"/opt/tak","rect":[87.69100189208985,220.57472229003907,129.53392322063446,211.4589385986328]},{"page":8,"text":"&&","rect":[134.7642822265625,218.4726104736328,145.2250242948532,212.17625427246095]},{"page":8,"text":"sudo","rect":[150.45538330078126,219.0,171.37684924602508,212.2858428955078]},{"page":8,"text":"./apply-selinux.sh","rect":[176.60720825195313,220.63449096679688,270.7537108182907,211.4589385986328]},{"page":8,"text":"&&","rect":[275.98406982421877,218.4726104736328,286.44481189250947,212.17625427246095]},{"page":8,"text":"sudo","rect":[291.6751708984375,219.0,312.5966063261032,212.2858428955078]},{"page":8,"text":"semodule","rect":[317.82696533203127,219.0,359.66990954875947,212.2858428955078]},{"page":8,"text":"-l","rect":[364.9002990722656,219.0,375.3610411405563,212.2858428955078]},{"page":8,"text":"|","rect":[380.5914306640625,219.18992614746095,385.8217955350876,211.4589385986328]},{"page":8,"text":"grep","rect":[391.05218505859377,220.6444549560547,411.9736815214157,213.0]},{"page":8,"text":"takserver","rect":[417.2040710449219,219.0,464.27745349407197,212.2858428955078]},{"page":8,"text":"C` heck Java version:","rect":[72.0,241.41819763183595,157.91746178722384,234.1853485107422]},{"page":8,"text":"`java -version","rect":[72.0,260.3284606933594,139.994753909111,252.03958129882813]},{"page":8,"text":"T` his should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,282.9353942871094,539.5382690372783,273.87939453125]},{"page":8,"text":"t` he alternatives command to change it:","rect":[72.0,294.9002990722656,242.65932885265353,285.9439392089844]},{"page":8,"text":"`sudo","rect":[72.0,310.0,92.9214583158493,303.62884521484377]},{"page":8,"text":"alternatives","rect":[98.15182495117188,310.0,160.91620166301727,303.62884521484377]},{"page":8,"text":"--config","rect":[166.1465606689453,311.98748779296877,207.98945910930633,303.569091796875]},{"page":8,"text":"java","rect":[213.21981811523438,311.9775085449219,234.14126880168915,303.6886291503906]},{"page":8,"text":"4` .2.2.2 RHEL8","rect":[72.0,340.15264892578127,157.40937254428864,333.2186584472656]},{"page":8,"text":"R` HEL8 FIPS mode Support. TAK Server has experimental support for RHEL8 FIPS mode. This is intended","rect":[72.0,359.90777587890627,539.6057919009064,350.8517761230469]},{"page":8,"text":"`for evaluation only, for hardened environments. These steps enable TAK Server to operate with RHEL FIPS","rect":[72.0,371.9723815917969,539.5635778624949,362.8067932128906]},{"page":8,"text":"m` ode enabled, but does not provide full FIPS 140 compliance. See below for a new option for certs script","rect":[72.0,383.81878662109377,539.8333014672064,374.87237548828127]},{"page":8,"text":"`when using FIPS mode. Client certifcates generated with FIPS mode may not work with ATAK.","rect":[71.64099884033203,395.893310546875,497.362820063591,386.7177734375]},{"page":8,"text":"s` udo","rect":[72.0,411.0,92.9214583158493,404.621826171875]},{"page":8,"text":"rpm","rect":[98.15182495117188,412.91070556640627,113.84292132854462,405.0]},{"page":8,"text":"--import","rect":[119.07328796386719,412.91070556640627,160.91620166301727,404.6816101074219]},{"page":8,"text":"http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8","rect":[166.1465606689453,412.98046875,485.19908435344697,403.7949523925781]},{"page":8,"text":"`sudo","rect":[72.0,423.0,92.9214583158493,416.57684326171877]},{"page":8,"text":"rpm","rect":[98.15182495117188,424.86572265625,113.84292132854462,417.0]},{"page":8,"text":"--import","rect":[119.07328796386719,424.86572265625,160.91620166301727,416.6366271972656]},{"page":8,"text":"https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG","rect":[166.1465606689453,424.93548583984377,490.4294615507126,415.7499694824219]},{"page":8,"text":"`sudo vi /etc/fapolicyd/rules.d/99-whitelist.rules","rect":[72.0,436.8805236816406,328.2877989530563,427.7049865722656]},{"page":8,"text":"`Add line:","rect":[71.62100219726563,457.5546569824219,111.42158166027069,450.3218078613281]},{"page":8,"text":"`deny perm=any","rect":[72.0,476.57550048828127,139.994753909111,468.2268371582031]},{"page":8,"text":"all","rect":[145.22511291503907,475.0,160.91620166301727,468.2268371582031]},{"page":8,"text":":","rect":[166.1465606689453,475.0,171.3769255399704,470.0]},{"page":8,"text":"all","rect":[176.60728454589845,475.0,192.29837329387665,468.2268371582031]},{"page":8,"text":"`sudo vi /etc/fapolicyd/rules.d/39-tak.rules","rect":[72.0,498.3365173339844,296.9055968046188,489.1609802246094]},{"page":8,"text":"`Add lines:","rect":[71.62100219726563,519.0106201171875,115.3468517408371,511.7778015136719]},{"page":8,"text":"`allow perm=open","rect":[72.0,537.970703125,150.45547778606415,529.6818237304688]},{"page":8,"text":"a` llow perm=open","rect":[72.0,549.9266967773438,150.45547778606415,541.6378173828125]},{"page":8,"text":"all : dir=/opt/tak/ ftype=application/x-sharedlib","rect":[155.6858367919922,538.030517578125,411.9738035917282,528.8549194335938]},{"page":8,"text":"exe=/usr/pgsql-15/bin/postgres","rect":[155.6858367919922,549.9964599609375,312.5966978788376,540.8109130859375]},{"page":8,"text":":","rect":[317.8270568847656,548.0,323.0574217557907,542.0]},{"page":8,"text":"all","rect":[328.28778076171877,548.0,343.9789000272751,541.6378173828125]},{"page":8,"text":"trust=0","rect":[417.2041931152344,537.0,453.8168211698532,529.572265625]},{"page":8,"text":"• Custom certifcates with stronger algorithms will need to be generated for use on systems with FIPS","rect":[84.1760025024414,572.6023559570313,539.5683245859715,563.536376953125]},{"page":8,"text":"enabled. To do this: follow the existing certifcate instructions, but append –fps to the end of each","rect":[96.9070053100586,584.558349609375,539.5369223420288,575.4923706054688]},{"page":8,"text":"./makeRootCa.sh and ./makeCert.sh command. Note: ATAK may not support certifcates generated","rect":[96.9070053100586,596.9517211914063,539.6353439253625,586.9990844726563]},{"page":8,"text":"`with these stronger algorithms*","rect":[96.54800415039063,608.4683837890625,234.47023725509644,599.511962890625]},{"page":8,"text":"—` End FIPS Mode Commands—","rect":[69.01100158691406,624.5682373046875,218.83854579925538,617.3353881835938]},{"page":8,"text":"`Install EPEL (EPEL provides certain dependencies required by PostgreSQL.) Install postgres yum repository.","rect":[72.0,644.771728515625,541.4217325381974,634.819091796875]},{"page":8,"text":"I` nstall java 17. Disable the postgresql module (so the later postgresql and postgis specifc versions aren’t","rect":[72.0,656.7277221679688,539.7805059245779,646.7750854492188]},{"page":8,"text":"`inaccessible due to ‘modular fltering’). Enable Repository Management and repository CodeReady Builder.","rect":[72.0,668.6827392578125,541.4595870616371,658.7301025390625]},{"page":8,"text":"`Install TAK server. Apply SELinux takserver-policy.","rect":[72.0,680.1893310546875,301.7176479444504,671.0237426757813]},{"page":8,"text":"Note that when installing postgres, you may run into issues related to the GPG key – if you need to update","rect":[71.44000244140625,698.122314453125,539.7154564288359,689.0663452148438]},{"page":8,"text":"the key, you can modify the postgres installation command based on your operating system according to the","rect":[71.23599243164063,710.0773315429688,539.7217430499296,701.0213623046875]},{"page":8,"text":"`guidelines here: https://yum.postgresql.org/news/pgdg-rpm-repo-gpg-key-update/","rect":[71.3070068359375,722.480712890625,419.71900126743318,712.528076171875]},{"page":8,"text":"7","rect":[303.5090026855469,750.0972290039063,308.4903025627136,743.1532592773438]},{"page":9,"text":"`sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm","rect":[72.0,84.23442077636719,527.0421324491501,75.04890441894531]},{"page":9,"text":"-y","rect":[91.92499542236328,96.17948150634766,102.38572223186493,89.62408447265625]},{"page":9,"text":"`sudo dnf install -y","rect":[72.0,108.1344985961914,171.3769255399704,99.72605895996094]},{"page":9,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,120.09947204589844,609.7315855741501,110.91395568847656]},{"page":9,"text":"s` udo dnf update -y && sudo dnf install java-17-openjdk-devel -y","rect":[72.0,132.04446411132813,401.51304919719697,123.53640747070313]},{"page":9,"text":"s` udo dnf module disable postgresql","rect":[72.0,144.0094451904297,249.83235461711883,135.59104919433595]},{"page":9,"text":"s` udo","rect":[72.0,154.0,92.9214583158493,147.6068878173828]},{"page":9,"text":"subscription-manager","rect":[98.15182495117188,155.9654998779297,202.75909717082977,147.6068878173828]},{"page":9,"text":"config","rect":[207.9894561767578,155.9654998779297,239.3716307401657,147.54710388183595]},{"page":9,"text":"--rhsm.manage_repos=1","rect":[244.60198974609376,155.9654998779297,354.4396544218063,147.49729919433595]},{"page":9,"text":"s` udo","rect":[72.0,166.0,92.9214583158493,159.56190490722657]},{"page":9,"text":"subscription-manager","rect":[98.15182495117188,167.92051696777345,202.75909717082977,159.56190490722657]},{"page":9,"text":"repos","rect":[207.9894561767578,167.8507843017578,234.14126880168915,161.0]},{"page":9,"text":"--enable","rect":[239.3716278076172,166.0,281.21519763469697,159.56190490722657]},{"page":9,"text":"codeready-builder-for-rhel-8-x86_64-rpms","rect":[286.4460144042969,167.91055297851563,495.6609678983688,159.44235229492188]},{"page":9,"text":"`Note: If you get the error ‘This system has no repositories available through subscriptions’, you need to","rect":[72.0,191.33731079101563,539.5262993148556,182.27134704589845]},{"page":9,"text":"s` ubscribe your system with:","rect":[72.0,203.28236389160157,193.34444848155978,194.33595275878907]},{"page":9,"text":"s` udo subscription-manager","rect":[72.0,221.18943786621095,202.75909717082977,212.83082580566407]},{"page":9,"text":"--auto-attach","rect":[91.92499542236328,230.92384338378907,159.91974170207977,224.78688049316407]},{"page":9,"text":"register","rect":[207.9894561767578,221.18943786621095,249.83235461711883,212.89059448242188]},{"page":9,"text":"--username","rect":[255.06271362304688,220.0,307.3663511991501,214.0]},{"page":9,"text":"<your_username>","rect":[312.5966796875,221.17947387695313,391.0522948026657,214.0]},{"page":9,"text":"--password","rect":[396.2826843261719,221.1197052001953,448.5864439725876,212.83082580566407]},{"page":9,"text":"<your_password>","rect":[453.81683349609377,221.17947387695313,532.2724791288376,212.83082580566407]},{"page":9,"text":"s` udo","rect":[72.0,255.0,92.9214583158493,248.16786193847657]},{"page":9,"text":"dnf","rect":[98.15182495117188,255.0,113.84292132854462,248.1080780029297]},{"page":9,"text":"install","rect":[119.07328796386719,255.0,155.6858397245407,248.16786193847657]},{"page":9,"text":"takserver-5.2-RELEASEx.noarch.rpm","rect":[160.91619873046876,256.45672607421877,333.5181456327438,248.04830932617188]},{"page":9,"text":"-y","rect":[338.74853515625,256.5165100097656,349.2092772245407,249.96112060546876]},{"page":9,"text":"s` udo dnf install checkpolicy","rect":[72.0,268.4725036621094,218.45018298625946,260.0640869140625]},{"page":9,"text":"cd","rect":[72.0,278.21575927734377,82.46072680950165,272.07879638671877]},{"page":9,"text":"/opt/tak","rect":[87.69100189208985,280.36767578125,129.53392322063446,271.2519226074219]},{"page":9,"text":"&&","rect":[134.7642822265625,278.2655944824219,145.2250242948532,271.9692077636719]},{"page":9,"text":"sudo","rect":[150.45538330078126,279.0,171.37684924602508,272.07879638671877]},{"page":9,"text":"./apply-selinux.sh","rect":[176.60720825195313,280.4274597167969,270.7537108182907,271.2519226074219]},{"page":9,"text":"&&","rect":[275.98406982421877,278.2655944824219,286.44481189250947,271.9692077636719]},{"page":9,"text":"sudo","rect":[291.6751708984375,279.0,312.5966063261032,272.07879638671877]},{"page":9,"text":"semodule","rect":[317.82696533203127,279.0,359.66990954875947,272.07879638671877]},{"page":9,"text":"C` heck Java version:","rect":[72.0,302.02117919921877,157.91746178722384,294.788330078125]},{"page":9,"text":"`java -version","rect":[72.0,321.74151611328127,139.994753909111,313.45263671875]},{"page":9,"text":"-l","rect":[364.9002990722656,279.0,375.3610411405563,272.07879638671877]},{"page":9,"text":"|","rect":[380.5914306640625,278.9828796386719,385.8217955350876,271.2519226074219]},{"page":9,"text":"grep","rect":[391.05218505859377,280.43743896484377,411.9736815214157,273.0]},{"page":9,"text":"takserver","rect":[417.2040710449219,279.0,464.27745349407197,272.07879638671877]},{"page":9,"text":"T` his should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,345.15838623046877,539.5382690372783,336.1023864746094]},{"page":9,"text":"t` he alternatives command to change it:","rect":[72.0,357.1233215332031,242.65932885265353,348.1669616699219]},{"page":9,"text":"`sudo","rect":[72.0,374.0,92.9214583158493,366.662841796875]},{"page":9,"text":"alternatives","rect":[98.15182495117188,374.0,160.91620166301727,366.662841796875]},{"page":9,"text":"--config","rect":[166.1465606689453,375.021484375,207.98945910930633,366.60308837890627]},{"page":9,"text":"java","rect":[213.21981811523438,375.0115051269531,234.14126880168915,366.7226257324219]},{"page":9,"text":"`4.2.2.3 RHEL7","rect":[72.0,404.3446350097656,157.40937254428864,397.41064453125]},{"page":9,"text":"`Install EPEL (EPEL provides certain dependencies required by PostgreSQL.) Install postgres yum repository","rect":[72.0,424.65869140625,539.869283392702,414.7060546875]},{"page":9,"text":"(required in order to install up-to-date Postgresql and PostGIS packages.) Install OpenJDK 17 and other","rect":[70.83399963378906,436.61370849609377,539.7220022214436,426.66107177734377]},{"page":9,"text":"d` ependencies. Install TAK server","rect":[72.0,448.0107727050781,217.07536917972565,438.95477294921877]},{"page":9,"text":"Note that when installing postgres, you may run into issues related to the GPG key – if you need to update","rect":[71.44000244140625,466.0533752441406,539.7154564288359,456.99737548828127]},{"page":9,"text":"the key, you can modify the postgres installation command based on your operating system according to the","rect":[71.23599243164063,478.0083923339844,539.7217430499296,468.952392578125]},{"page":9,"text":"`guidelines here: https://yum.postgresql.org/news/pgdg-rpm-repo-gpg-key-update/","rect":[71.3070068359375,490.41168212890627,419.71900126743318,480.45904541015627]},{"page":9,"text":"`sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm","rect":[72.0,507.8714904785156,527.0421324491501,498.68597412109377]},{"page":9,"text":"-y","rect":[91.92499542236328,519.8165283203125,102.38572223186493,513.2611083984375]},{"page":9,"text":"`sudo yum install","rect":[72.0,531.7715454101563,155.6858397245407,523.4228515625]},{"page":9,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,543.7364501953125,609.7315855741501,534.5509033203125]},{"page":9,"text":"-y","rect":[91.92499542236328,555.6825561523438,102.38572223186493,549.1271362304688]},{"page":9,"text":"`sudo yum","rect":[72.0,567.6375122070313,113.84292132854462,559.288818359375]},{"page":9,"text":"s` udo yum","rect":[72.0,579.592529296875,113.84292132854462,571.2438354492188]},{"page":9,"text":"`sudo yum","rect":[72.0,591.5475463867188,113.84292132854462,583.1988525390625]},{"page":9,"text":"s` udo rpm","rect":[72.0,603.4426879882813,113.84292132854462,595.15380859375]},{"page":9,"text":"install","rect":[119.07328796386719,566.0,155.6858397245407,559.288818359375]},{"page":9,"text":"-y","rect":[160.91619873046876,567.6375122070313,171.3769255399704,561.0]},{"page":9,"text":"postgis33_15","rect":[176.60728454589845,567.6474609375,239.3716307401657,559.1792602539063]},{"page":9,"text":"postgis33_15-utils","rect":[244.60198974609376,567.6474609375,338.74852283000947,559.1792602539063]},{"page":9,"text":"install","rect":[119.07328796386719,578.0,155.6858397245407,571.2438354492188]},{"page":9,"text":"-y","rect":[160.91619873046876,579.592529296875,171.3769255399704,573.0]},{"page":9,"text":"postgresql15-server","rect":[176.60728454589845,579.6024780273438,275.9841490507126,571.13427734375]},{"page":9,"text":"postgresql15-contrib","rect":[281.21453857421877,579.6024780273438,385.8219176054001,571.13427734375]},{"page":9,"text":"install -y https://download.oracle.com/java/17/latest/jdk-17_linux-x64_bin.rpm","rect":[119.07328796386719,591.5475463867188,527.0421324491501,582.3719482421875]},{"page":9,"text":"-ivh takserver-5.2-RELEASEx.noarch.rpm --nodeps","rect":[119.07328796386719,603.4426879882813,364.9004088163376,595.0342407226563]},{"page":9,"text":"`Note that the yum package manager does not currently support JDK 17 on RHEL 7. By installing the","rect":[72.0,626.9293212890625,539.607565217373,617.972900390625]},{"page":9,"text":"p` ackage manually, you will be responsible for future security updates. For a safer long-term solution, we","rect":[72.0,638.8843383789063,539.5264494947168,629.818359375]},{"page":9,"text":"`recommend that you update your OS to RHEL 8 or Rocky Linux 8.","rect":[72.0,650.830322265625,368.66622582530979,641.7743530273438]},{"page":9,"text":"`Check Java version:","rect":[72.0,666.939208984375,157.91746178722384,659.7063598632813]},{"page":9,"text":"`java -version","rect":[72.0,686.6605224609375,139.994753909111,678.3716430664063]},{"page":9,"text":"`This should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,710.0773315429688,539.5382690372783,701.0213623046875]},{"page":9,"text":"t` he alternatives command to change it:","rect":[72.0,722.0423583984375,242.65932885265353,713.0859375]},{"page":9,"text":"8","rect":[303.5090026855469,750.0972290039063,308.4903025627136,743.2529296875]},{"page":10,"text":"s` udo","rect":[72.0,83.0,92.9214583158493,75.87580108642578]},{"page":10,"text":"alternatives","rect":[98.15182495117188,83.0,160.91620166301727,75.87580108642578]},{"page":10,"text":"--config","rect":[166.1465606689453,84.23442077636719,207.98945910930633,75.81602478027344]},{"page":10,"text":"java","rect":[213.21981811523438,84.2244644165039,234.14126880168915,75.93557739257813]},{"page":10,"text":"`4.2.2.4 Ubuntu and Raspberry Pi OS","rect":[72.0,115.81849670410156,266.21093600654606,106.89200592041016]},{"page":10,"text":"I` nstall the postgres repository (required in order to install up-to-date Postgresql and PostGIS","rect":[72.0,134.24966430664063,491.3286093537475,124.29703521728516]},{"page":10,"text":"`Install TAK server","rect":[72.0,143.82362365722657,153.16530448246003,136.5907745361328]},{"page":10,"text":"`sudo mkdir -p /etc/apt/keyrings","rect":[72.0,163.9285125732422,234.14126880168915,154.7429962158203]},{"page":10,"text":"s` udo","rect":[72.0,174.0,92.9214583158493,167.5248565673828]},{"page":10,"text":"curl","rect":[98.15182495117188,174.0,119.07329089641572,167.5248565673828]},{"page":10,"text":"https://www.postgresql.org/media/keys/ACCC4CF8.asc","rect":[124.30364990234375,175.8834686279297,385.8219176054001,166.6979522705078]},{"page":10,"text":"--output","rect":[391.05230712890627,175.81373596191407,432.8953123807907,168.0]},{"page":10,"text":"/etc/apt/keyrings/postgresql.asc","rect":[91.92499542236328,187.8384246826172,259.29661853313447,178.6529083251953]},{"page":10,"text":"`sudo sh -c ’echo \"deb [signed-by=/etc/apt/keyrings/postgresql.asc]","rect":[72.0,199.79344177246095,417.2041197538376,190.60792541503907]},{"page":10,"text":"http://apt.postgresql.org/pub/repos/apt/","rect":[91.92499542236328,211.7484588623047,301.13963611125947,202.5629425048828]},{"page":10,"text":"$(lsb_release","rect":[306.3700256347656,210.29393005371095,374.3647948026657,202.5629425048828]},{"page":10,"text":"-cs)-pgdg","rect":[379.5951843261719,211.7484588623047,426.6685057401657,202.5629425048828]},{"page":10,"text":"main\"","rect":[431.89886474609377,209.5268096923828,458.0506773710251,203.28025817871095]},{"page":10,"text":"/etc/apt/sources.list.d/postgresql.list’","rect":[91.92499542236328,223.70347595214845,301.1396055936813,214.51795959472657]},{"page":10,"text":"s` udo apt update","rect":[72.0,235.58973693847657,150.45547778606415,227.3008575439453]},{"page":10,"text":"s` udo apt install ./takserver-5.2-RELEASEx_all.deb","rect":[72.0,247.5447540283203,328.2877989530563,238.42897033691407]},{"page":10,"text":">","rect":[463.28106689453127,208.91908264160157,468.5114317655563,203.9377899169922]},{"page":10,"text":"packages.)","rect":[494.91571044921877,134.24966430664063,540.6643560222342,124.29703521728516]},{"page":10,"text":"C` heck Java version:","rect":[72.0,269.46221923828127,157.91746178722384,262.2293701171875]},{"page":10,"text":"`java -version","rect":[72.0,289.447509765625,139.994753909111,281.15863037109377]},{"page":10,"text":"`This should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,313.1283874511719,539.5382690372783,304.0723876953125]},{"page":10,"text":"`the alternatives command to change it:","rect":[72.0,325.09332275390627,242.65932885265353,316.136962890625]},{"page":10,"text":"`sudo","rect":[72.0,342.0,92.9214583158493,334.8968200683594]},{"page":10,"text":"alternatives","rect":[98.15182495117188,342.0,160.91620166301727,334.8968200683594]},{"page":10,"text":"--config","rect":[166.1465606689453,343.2554626464844,207.98945910930633,334.8370666503906]},{"page":10,"text":"java","rect":[213.21981811523438,343.2454833984375,234.14126880168915,334.95660400390627]},{"page":10,"text":"`4.2.2.5 CentOS7","rect":[72.0,372.9576110839844,164.41308043003083,365.9140319824219]},{"page":10,"text":"`Install EPEL (EPEL provides certain dependencies required by PostgreSQL.) Install postgres yum repository","rect":[72.0,393.2706604003906,539.869283392702,383.3180236816406]},{"page":10,"text":"(required in order to install up-to-date Postgresql and PostGIS packages.) Install OpenJDK 17 and other","rect":[70.83399963378906,405.2256774902344,539.7220022214436,395.2730407714844]},{"page":10,"text":"`dependencies. Install Tak server.","rect":[72.0,416.623779296875,214.85372582530978,407.7869567871094]},{"page":10,"text":"Note that when installing postgres, you may run into issues related to the GPG key – if you need to update","rect":[71.44000244140625,434.6654052734375,539.7154564288359,425.6094055175781]},{"page":10,"text":"the key, you can modify the postgres installation command based on your operating system according to the","rect":[71.23599243164063,446.6213684082031,539.7217430499296,437.56536865234377]},{"page":10,"text":"`guidelines here: https://yum.postgresql.org/news/pgdg-rpm-repo-gpg-key-update/","rect":[71.3070068359375,459.0246887207031,419.71900126743318,449.0720520019531]},{"page":10,"text":"s` udo","rect":[72.0,475.0,92.9214583158493,468.38885498046877]},{"page":10,"text":"yum","rect":[98.15182495117188,476.7375183105469,113.84292132854462,470.0]},{"page":10,"text":"install","rect":[119.07328796386719,475.0,155.6858397245407,468.38885498046877]},{"page":10,"text":"epel-release","rect":[160.91619873046876,476.677734375,223.680544924736,468.38885498046877]},{"page":10,"text":"-y","rect":[228.91090393066407,476.7375183105469,239.3716307401657,470.0]},{"page":10,"text":"`sudo yum install","rect":[72.0,488.6935119628906,155.6858397245407,480.3448486328125]},{"page":10,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,500.6584777832031,609.7315855741501,491.47296142578127]},{"page":10,"text":"-y","rect":[91.92499542236328,512.603515625,102.38572223186493,506.0481262207031]},{"page":10,"text":"`sudo yum","rect":[72.0,524.5585327148438,113.84292132854462,516.2098388671875]},{"page":10,"text":"`sudo yum","rect":[72.0,536.5134887695313,113.84292132854462,528.164794921875]},{"page":10,"text":"`sudo yum","rect":[72.0,548.4685668945313,113.84292132854462,540.119873046875]},{"page":10,"text":"`sudo rpm","rect":[72.0,560.3646850585938,113.84292132854462,552.0758056640625]},{"page":10,"text":"install","rect":[119.07328796386719,523.0,155.6858397245407,516.2098388671875]},{"page":10,"text":"-y","rect":[160.91619873046876,524.5585327148438,171.3769255399704,518.0]},{"page":10,"text":"postgis33_15","rect":[176.60728454589845,524.5684814453125,239.3716307401657,516.1002807617188]},{"page":10,"text":"postgis33_15-utils","rect":[244.60198974609376,524.5684814453125,338.74852283000947,516.1002807617188]},{"page":10,"text":"install","rect":[119.07328796386719,535.0,155.6858397245407,528.164794921875]},{"page":10,"text":"-y","rect":[160.91619873046876,536.5134887695313,171.3769255399704,529.9580688476563]},{"page":10,"text":"postgresql15-server","rect":[176.60728454589845,536.5234375,275.9841490507126,528.0552368164063]},{"page":10,"text":"postgresql15-contrib","rect":[281.21453857421877,536.5234375,385.8219176054001,528.0552368164063]},{"page":10,"text":"install -y https://download.oracle.com/java/17/latest/jdk-17_linux-x64_bin.rpm","rect":[119.07328796386719,548.4685668945313,527.0421324491501,539.29296875]},{"page":10,"text":"-ivh takserver-5.2-RELEASEx.noarch.rpm --nodeps","rect":[119.07328796386719,560.3646850585938,364.9004088163376,551.9562377929688]},{"page":10,"text":"N` ote that the yum package manager does not currently support JDK 17 on CentOS 7. By installing the","rect":[72.0,584.1153564453125,539.5771697095605,575.0493774414063]},{"page":10,"text":"p` ackage manually, you will be responsible for future security updates. For a safer long-term solution, we","rect":[72.0,596.0703735351563,539.5264494947168,587.00439453125]},{"page":10,"text":"`recommend that you update your OS to RHEL 8 or Rocky Linux 8.","rect":[72.0,608.015380859375,368.66622582530979,598.9594116210938]},{"page":10,"text":"C` heck Java version:","rect":[72.0,624.125244140625,157.91746178722384,616.8923950195313]},{"page":10,"text":"`java -version","rect":[72.0,644.1105346679688,139.994753909111,635.8216552734375]},{"page":10,"text":"`This should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,667.7913818359375,539.5382690372783,658.7354125976563]},{"page":10,"text":"t` he alternatives command to change it:","rect":[72.0,679.75634765625,242.65932885265353,670.7999267578125]},{"page":10,"text":"s` udo","rect":[72.0,696.0,92.9214583158493,689.559814453125]},{"page":10,"text":"alternatives","rect":[98.15182495117188,696.0,160.91620166301727,689.559814453125]},{"page":10,"text":"--config","rect":[166.1465606689453,697.91845703125,207.98945910930633,689.5000610351563]},{"page":10,"text":"java","rect":[213.21981811523438,697.9085083007813,234.14126880168915,689.61962890625]},{"page":10,"text":"9","rect":[303.5090026855469,750.0972290039063,308.4903025627136,743.2529296875]},{"page":11,"text":"`4.2.2.6 yum Install From tak.gov","rect":[72.0,83.95547485351563,243.56594429111483,75.04890441894531]},{"page":11,"text":"`Check to see if a .repo fle exists for tak.gov","rect":[72.0,101.93729400634766,263.25199905490879,92.87132263183594]},{"page":11,"text":"l` s /etc/yum.repos.d/Takserver.repo","rect":[72.0,119.5474624633789,249.83235461711883,110.37190246582031]},{"page":11,"text":"I` f it exists, skip down to the yum install of takserver database. If it doesn’t exist, create a new .repo fle to","rect":[72.0,142.6873321533203,539.4949717521668,133.63133239746095]},{"page":11,"text":"p` oint yum to the yum repo on tak.gov.","rect":[72.0,154.65231323242188,242.89841881847384,145.69593811035157]},{"page":11,"text":"cd /etc/yum.repos.d","rect":[72.0,172.26248168945313,171.37684924602508,163.08692932128907]},{"page":11,"text":"s` udo vi Takserver.repo","rect":[72.0,184.1587677001953,187.06801135540008,175.86988830566407]},{"page":11,"text":"Y` ou can also edit using another editor besides vi. Update the fle Takserver.repo to contain:","rect":[71.62100219726563,207.36734008789063,473.46245995616916,198.30137634277345]},{"page":11,"text":"[takrepo]","rect":[72.0,224.9176788330078,119.07329089641572,215.80189514160157]},{"page":11,"text":"name=TakserverRepository","rect":[72.0,236.93252563476563,197.5287352323532,228.58387756347657]},{"page":11,"text":"baseurl=https://<ARTIFACTORY_USER>:<ARTIFACTORY_TOKEN>@artifacts.tak.gov/artifactory/takserver-yum","rect":[72.0,248.8984832763672,584.5762511014939,239.7129669189453]},{"page":11,"text":"enabled=1","rect":[72.0,258.63177490234377,119.07329089641572,252.38523864746095]},{"page":11,"text":"gpgcheck=0","rect":[72.0,272.8084716796875,124.30365283489228,264.3402404785156]},{"page":11,"text":"`Where <ARTIFACTORY_USER> is a valid login to Artifactory that has access to the takserver-yum","rect":[71.49199676513672,295.9483337402344,539.6077666849166,286.7727966308594]},{"page":11,"text":"r` epo and <ARTIFACTORY_TOKEN> is a special token unique to the given Artifactory user that can be","rect":[72.0,307.9033203125,539.6012473132632,298.727783203125]},{"page":11,"text":"r` etrieved by that user using the “Set Me Up” menu option to retrieve it.","rect":[72.0,319.85833740234377,388.22286645030979,310.7923889160156]},{"page":11,"text":"Note: Do NOT use your password as it the Token is more secure and cannot be used for logging in. Only for","rect":[71.44000244140625,337.7813720703125,539.5368927678181,328.7253723144531]},{"page":11,"text":"retrieving or publishing. Also note: When you change the password of the given user, you will also need to","rect":[71.34800720214844,349.7363586425781,539.704627694843,340.5707702636719]},{"page":11,"text":"retrieve the new token which is based on it and update the baseurl in the Takserver.repo fle.","rect":[71.34800720214844,361.6913757324219,472.13327232170107,352.6353759765625]},{"page":11,"text":"S` ave the Takserver.repo fle and then do the install of the takserver.","rect":[72.00000762939453,379.5148010253906,369.1943325147629,370.5683898925781]},{"page":11,"text":"s` udo yum install takserver-core-5.2-RELEASEx","rect":[72.0,397.2445068359375,302.13597400188447,388.77630615234377]},{"page":11,"text":"`4.2.3 Confgure TAK Server Installation","rect":[72.0,428.0735168457031,280.74633639717106,419.107177734375]},{"page":11,"text":"`sudo","rect":[72.0,445.0,92.9214583158493,437.8418273925781]},{"page":11,"text":"systemctl","rect":[98.15182495117188,446.19049072265627,145.22511584758758,437.8418273925781]},{"page":11,"text":"daemon-reload","rect":[150.45547485351563,445.0,218.45018298625946,437.8418273925781]},{"page":11,"text":"`On resource limited hosts, such as a Raspberry Pi, you may start/stop only essential api and messaging TAK","rect":[72.0,469.7776794433594,539.957093036269,459.8250427246094]},{"page":11,"text":"S` erver services with:","rect":[72.0,479.46221923828127,160.90623131847384,472.2293701171875]},{"page":11,"text":"s` udo","rect":[72.0,497.0,92.9214583158493,490.5568542480469]},{"page":11,"text":"systemctl","rect":[98.15182495117188,498.905517578125,145.22511584758758,490.5568542480469]},{"page":11,"text":"[start|stop]","rect":[150.45547485351563,498.8457336425781,213.2198210477829,489.72998046875]},{"page":11,"text":"takserver-noplugins","rect":[218.45018005371095,498.9154968261719,317.8270445585251,490.5568542480469]},{"page":11,"text":"`Otherwise, to start/stop all TAK Server service:","rect":[72.0,522.4927368164063,282.1710170850754,512.5401000976563]},{"page":11,"text":"`sudo","rect":[72.0,538.0,92.9214583158493,531.3158569335938]},{"page":11,"text":"systemctl","rect":[98.15182495117188,539.66455078125,145.22511584758758,531.3158569335938]},{"page":11,"text":"[start|stop]","rect":[150.45547485351563,539.604736328125,213.2198210477829,530.4889526367188]},{"page":11,"text":"takserver","rect":[218.45018005371095,538.0,265.5234556913376,531.3158569335938]},{"page":11,"text":"Y` ou can set TAK Server to start at boot by running","rect":[71.62100219726563,562.8143310546875,300.2327342033386,553.6387329101563]},{"page":11,"text":"`sudo","rect":[72.0,579.0,92.9214583158493,572.0758056640625]},{"page":11,"text":"systemctl","rect":[98.15182495117188,580.4244995117188,145.22511584758758,572.0758056640625]},{"page":11,"text":"enable","rect":[150.45599365234376,578.2127685546875,181.8381834745407,572.0758056640625]},{"page":11,"text":"takserver","rect":[187.06898498535157,578.2127685546875,234.14227588176727,572.0758056640625]},{"page":11,"text":"or with resource limited hosts:","rect":[71.99998474121094,601.631591796875,204.3830074415207,594.617919921875]},{"page":11,"text":"s` udo","rect":[72.0,620.0,92.9214583158493,612.8358154296875]},{"page":11,"text":"systemctl","rect":[98.15182495117188,621.1845092773438,145.22511584758758,612.8358154296875]},{"page":11,"text":"enable","rect":[150.45599365234376,618.9727783203125,181.8381834745407,612.8358154296875]},{"page":11,"text":"takserver-noplugins","rect":[187.06898498535157,621.1944580078125,286.44591052532197,612.8358154296875]},{"page":11,"text":"For secure operation, TAK Server requires a keystore and truststore (X.509 certifcates).","rect":[71.99998474121094,644.771728515625,457.58245507335666,634.819091796875]},{"page":11,"text":"`Next, follow the instructions in Appendix B to create these certifcates. TAK Server by default is TLS only,","rect":[72.0,662.25634765625,540.8846358897621,653.0907592773438]},{"page":11,"text":"s` o certifcate generation, including an administrative certifcate is required for confguration. In addition, if","rect":[72.0,674.2213745117188,539.4737605662404,665.1553955078125]},{"page":11,"text":"y` ou would like to confgure TLS for Postgres database connection, follow additional steps in Appendix D.","rect":[71.74099731445313,686.1773681640625,532.3018764600754,677.0017700195313]},{"page":11,"text":"`Verify that the steps in Appendix B have been followed by checking the following items:","rect":[71.6209945678711,704.109375,456.22713891124729,694.9337768554688]},{"page":11,"text":"C` ertifcates are present at:","rect":[72.0,721.9227905273438,187.46651879405978,712.9763793945313]},{"page":11,"text":"10","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":12,"text":"/opt/tak/certs/files","rect":[72.0,84.16468811035156,176.60728747844696,75.04890441894531]},{"page":12,"text":"The TAK Server was restarted, the admin cert has been generated, and an admin account in TAK Server","rect":[71.64099884033203,107.4323501586914,539.7719508265511,98.25679016113281]},{"page":12,"text":"w` as created with the command:","rect":[71.64099884033203,117.44465637207031,210.25063744640353,110.43098449707031]},{"page":12,"text":"s` udo","rect":[72.0,136.0,92.9214583158493,128.7078399658203]},{"page":12,"text":"java","rect":[98.15182495117188,137.05648803710938,119.07329089641572,128.76760864257813]},{"page":12,"text":"-jar","rect":[124.30364990234375,137.05648803710938,145.22511584758758,128.76760864257813]},{"page":12,"text":"/opt/tak/utils/UserManager.jar","rect":[150.45547485351563,137.0664520263672,307.3663511991501,127.88093566894531]},{"page":12,"text":"certmod","rect":[312.5966796875,136.0,349.2092772245407,128.7078399658203]},{"page":12,"text":"-A","rect":[354.4396667480469,136.0,364.9004088163376,128.58828735351563]},{"page":12,"text":"/opt/tak/certs/files/admin.pem","rect":[370.13079833984377,136.99671936035157,527.0421324491501,127.88093566894531]},{"page":12,"text":"W ` hile following the instructions in Appendix B, you will have created an admin certifcate. Import this","rect":[71.49199676513672,160.26528930664063,539.5061498854968,151.08973693847657]},{"page":12,"text":"`certifcate into your browser, so that you can access the Admin. It will be located here on your TAK Server","rect":[72.0,172.21034240722657,539.7500560714593,163.0447540283203]},{"page":12,"text":"`machine:","rect":[72.0,182.2326202392578,110.42574730968475,175.2189483642578]},{"page":12,"text":"/opt/tak/certs/files/admin.pem","rect":[72.0,201.78468322753907,228.91090686321258,192.6688995361328]},{"page":12,"text":"I` mport this client certifcate into your browser.","rect":[72.0,225.0423126220703,277.0800747022629,215.98631286621095]},{"page":12,"text":"I` f you are using","rect":[72.0,242.98532104492188,144.21010668790246,233.9193572998047]},{"page":12,"text":"Certifcates","rect":[70.81900787353516,254.9303741455078,119.79514841461182,245.87437438964845]},{"page":12,"text":"`Go to Import. Upload this fle:","rect":[72.00000762939453,272.7537841796875,207.35189477062228,263.807373046875]},{"page":12,"text":"/opt/tak/certs/files/admin.p12","rect":[72.0,290.4826965332031,228.91090686321258,281.366943359375]},{"page":12,"text":"-> Privacy & Security -> Certifcates -> View","rect":[324.9132080078125,242.97535705566407,539.6229577166907,233.8097686767578]},{"page":12,"text":"`Enter the certifcate","rect":[72.0,312.0,159.25243481826784,304.6843566894531]},{"page":12,"text":"Browse to:","rect":[71.99998474121094,329.7406311035156,118.11686364269257,322.8365478515625]},{"page":12,"text":"password.","rect":[162.5799560546875,313.6307678222656,205.0206264600754,304.7939453125]},{"page":12,"text":"The","rect":[209.44403076171876,312.0,226.58965405654909,304.7939453125]},{"page":12,"text":"default","rect":[229.90721130371095,312.0,260.03409832382206,304.6843566894531]},{"page":12,"text":"password","rect":[263.3516540527344,313.6307678222656,303.04260956287387,304.7939453125]},{"page":12,"text":"is","rect":[306.36016845703127,312.0,313.0450763149261,305.16253662109377]},{"page":12,"text":"atakatak","rect":[316.6099853515625,311.7577819824219,358.4528990507126,305.6208190917969]},{"page":12,"text":"https://localhost:8443","rect":[72.0,349.292724609375,187.06801135540008,340.1769714355469]},{"page":12,"text":"`Select the admin certifcate to log in.","rect":[72.0,372.5603332519531,233.46384850597384,363.494384765625]},{"page":12,"text":"A` n error message similar to this indicates that the correct client certifcate has not been imported into the","rect":[71.6209945678711,390.4933166503906,539.4955281040013,381.3177795410156]},{"page":12,"text":"b` rowser:","rect":[72.0,400.5056457519531,108.3236354932785,393.4919738769531]},{"page":12,"text":"`4.3","rect":[72.0,659.4425048828125,89.1676674194336,651.4444580078125]},{"page":12,"text":"New Installation: Two Servers","rect":[102.61726379394531,659.4425048828125,281.31168713378909,650.9662475585938]},{"page":12,"text":"`4.3.1 Overview","rect":[72.0,677.7996215820313,154.03204983711243,670.756103515625]},{"page":12,"text":"`Follow the procedures in the following two sections to install the database server, and the messaging server.","rect":[72.0,698.13232421875,541.4558551367227,689.0663452148438]},{"page":12,"text":"`For AWS / cloud installation, see recommended instance type on page 4. Use this instance type for both","rect":[72.0,710.5256958007813,539.5568198029663,700.5730590820313]},{"page":12,"text":"s` ervers.","rect":[72.0,720.099609375,104.21905175304413,715.5367431640625]},{"page":12,"text":"11","rect":[301.01898193359377,749.8880004882813,310.9815745353699,743.2529296875]},{"page":13,"text":"4` .3.2 Server One: Database Server","rect":[72.0,82.06257629394531,253.1898182287216,75.0190200805664]},{"page":13,"text":"`4.3.2.1 Dependency Setup","rect":[72.0,102.33448791503906,209.9023117389679,93.40799713134766]},{"page":13,"text":"F` irst, update frewall rules to allow communication with server two, for TCP port 5432.","rect":[72.0,120.20769500732422,455.55999413585666,111.26127624511719]},{"page":13,"text":"4` .3.2.1.1","rect":[72.0,145.0,113.35475370883941,137.64447021484376]},{"page":13,"text":"Rocky Linux8","rect":[124.81173706054688,146.16249084472657,198.176309800148,137.26588439941407]},{"page":13,"text":"`Setup the extra postgres yum repo for the latest postgres and postgis. Disable the postgresql stream to","rect":[72.0,164.15530395507813,539.5263603500118,155.08934020996095]},{"page":13,"text":"i` nstall the specifc postgres version we depend on. Enable the ‘powertools’ repo for postgis dependencies.","rect":[72.0,176.11026000976563,541.4368421592972,167.04429626464845]},{"page":13,"text":"I` nstall TAK Server RPM database and its dependencies.","rect":[72.0,187.94676208496095,318.89312401866916,178.89076232910157]},{"page":13,"text":"`Note that when installing postgres, you may run into issues related to the GPG key – if you","rect":[72.0,205.94851684570313,539.730107972647,196.982177734375]},{"page":13,"text":"n` eed to update the key, you can modify the postgres installation command based on your","rect":[72.0,217.90353393554688,539.7195196547831,208.93719482421876]},{"page":13,"text":"o` perating system according to the guidelines here: https://yum.postgresql.org/news/pgdg-","rect":[72.0,230.34768676757813,539.6889862175622,220.39505004882813]},{"page":13,"text":"`rpm-repo-gpg-key-update/","rect":[72.0,242.30270385742188,205.46894285678864,232.35006713867188]},{"page":13,"text":"s` udo","rect":[72.0,259.0,92.9214583158493,251.66786193847657]},{"page":13,"text":"dnf","rect":[98.15182495117188,259.0,113.84292132854462,251.6080780029297]},{"page":13,"text":"install","rect":[119.07328796386719,259.0,155.6858397245407,251.66786193847657]},{"page":13,"text":"epel-release","rect":[160.91619873046876,259.95672607421877,223.680544924736,251.66786193847657]},{"page":13,"text":"-y","rect":[228.91090393066407,260.0165100097656,239.3716307401657,253.0]},{"page":13,"text":"`sudo dnf install","rect":[72.0,281.7148132324219,155.6858397245407,275.5180969238281]},{"page":13,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,295.8915100097656,609.7315855741501,286.70599365234377]},{"page":13,"text":"-y","rect":[91.92499542236328,307.8365173339844,102.38572223186493,301.2811279296875]},{"page":13,"text":"`sudo dnf update -y","rect":[72.0,331.74749755859377,166.14656360149383,323.3390808105469]},{"page":13,"text":"`sudo dnf module disable postgresql","rect":[72.0,355.66748046875,249.83235461711883,347.24908447265627]},{"page":13,"text":"`sudo","rect":[72.0,378.0,92.9214583158493,371.2188415527344]},{"page":13,"text":"dnf","rect":[98.15182495117188,378.0,113.84292132854462,371.1590881347656]},{"page":13,"text":"install","rect":[119.07328796386719,378.0,155.6858397245407,371.2188415527344]},{"page":13,"text":"java-17-openjdk-devel","rect":[160.91619873046876,379.5675048828125,270.7538023710251,371.0594482421875]},{"page":13,"text":"-y","rect":[275.9841613769531,379.5675048828125,286.4449034452438,373.0]},{"page":13,"text":"`sudo","rect":[72.0,402.0,92.9214583158493,395.1298522949219]},{"page":13,"text":"dnf","rect":[98.15182495117188,402.0,113.84292132854462,395.0700988769531]},{"page":13,"text":"config-manager","rect":[119.07328796386719,403.4884948730469,192.29837329387665,395.0700988769531]},{"page":13,"text":"--set-enabled","rect":[197.5287322998047,402.0,265.52391345500947,395.1298522949219]},{"page":13,"text":"powertools","rect":[270.7542724609375,403.4187316894531,323.0579100370407,395.1298522949219]},{"page":13,"text":"M` ake sure the database RPM is in `the current directory","rect":[72.0,427.3885192871094,354.4406309843063,419.03985595703127]},{"page":13,"text":"`sudo dnf install takserver-database-5.2-RELEASE-x.noarch.rpm","rect":[72.0,451.2387390136719,385.8219176054001,442.830322265625]},{"page":13,"text":"--setopt=clean_requirements_on_remove=false -y","rect":[91.92499542236328,463.2535095214844,332.5227232694626,454.8450927734375]},{"page":13,"text":"Check Java version","rect":[71.99998474121094,485.11224365234377,155.15781342029573,477.87939453125]},{"page":13,"text":"j` ava -version","rect":[72.0,505.09649658203127,139.994753909111,496.8076171875]},{"page":13,"text":"`This should tell you you have 17.x.y. If the “java -version” command tells you your Java version is not 17.x.y,","rect":[71.64099884033203,528.7783203125,540.9261270694474,519.7223510742188]},{"page":13,"text":"t` hen you can use the alternatives command to change it:","rect":[72.0,540.7433471679688,319.59051171398166,531.7869262695313]},{"page":13,"text":"`sudo","rect":[72.0,557.0,92.9214583158493,550.546875]},{"page":13,"text":"alternatives","rect":[98.15182495117188,557.0,160.91620166301727,550.546875]},{"page":13,"text":"--config","rect":[166.1465606689453,558.905517578125,207.98945910930633,550.4871215820313]},{"page":13,"text":"java","rect":[213.21981811523438,558.8955688476563,234.14126880168915,550.606689453125]},{"page":13,"text":"`4.3.2.1.2","rect":[72.0,588.6066284179688,113.35475370883941,581.9715576171875]},{"page":13,"text":"RHEL8","rect":[124.81173706054688,588.6066284179688,166.31592772006989,581.6726684570313]},{"page":13,"text":"`Setup the extra postgres yum repo for the latest postgres and postgis. Disable the postgresql stream to","rect":[72.0,608.4823608398438,539.5263603500118,599.4163818359375]},{"page":13,"text":"`install the specifc postgres version we depend on. Install TAK Server RPM database and its dependencies.","rect":[72.0,620.4373779296875,540.3815883741379,611.2617797851563]},{"page":13,"text":"N` ote that when installing postgres, you may run into issues related to the GPG key – if you","rect":[72.0,638.3204956054688,539.730107972647,629.3541870117188]},{"page":13,"text":"`need to update the key, you can modify the postgres installation command based on your","rect":[72.0,650.2755126953125,539.7195196547831,641.3092041015625]},{"page":13,"text":"`operating system according to the guidelines here: https://yum.postgresql.org/news/pgdg-","rect":[72.0,662.71875,539.6889862175622,652.76611328125]},{"page":13,"text":"`rpm-repo-gpg-key-update/","rect":[72.0,674.6737060546875,205.46894285678864,664.7210693359375]},{"page":13,"text":"`sudo dnf","rect":[72.0,691.0,113.84292132854462,683.9790649414063]},{"page":13,"text":"-y","rect":[91.92499542236328,704.342529296875,102.38572223186493,697.787109375]},{"page":13,"text":"install","rect":[119.07328796386719,691.0,155.6858397245407,684.038818359375]},{"page":13,"text":"https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm","rect":[160.91619873046876,692.3974609375,527.0421324491501,683.2119140625]},{"page":13,"text":"12","rect":[301.01898193359377,749.8880004882813,310.9815745353699,743.2529296875]},{"page":14,"text":"`sudo dnf install","rect":[72.0,82.01276397705078,155.6858397245407,75.81602478027344]},{"page":14,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,96.18943786621094,609.7315855741501,87.00392150878906]},{"page":14,"text":"-y","rect":[91.92499542236328,108.1344985961914,102.38572223186493,101.5791015625]},{"page":14,"text":"s` udo dnf update -y && sudo dnf install java-17-openjdk-devel -y","rect":[72.0,132.04446411132813,401.51304919719697,123.53640747070313]},{"page":14,"text":"`sudo dnf module disable postgresql","rect":[72.0,144.0094451904297,249.83235461711883,135.59104919433595]},{"page":14,"text":"s` udo","rect":[72.0,154.0,92.9214583158493,147.6068878173828]},{"page":14,"text":"subscription-manager","rect":[98.15182495117188,155.9654998779297,202.75909717082977,147.6068878173828]},{"page":14,"text":"config","rect":[207.9894561767578,155.9654998779297,239.3716307401657,147.54710388183595]},{"page":14,"text":"--rhsm.manage_repos=1","rect":[244.60198974609376,155.9654998779297,354.4396544218063,147.49729919433595]},{"page":14,"text":"s` udo","rect":[72.0,166.0,92.9214583158493,159.56190490722657]},{"page":14,"text":"subscription-manager","rect":[98.15182495117188,167.92051696777345,202.75909717082977,159.56190490722657]},{"page":14,"text":"repos","rect":[207.9894561767578,167.8507843017578,234.14126880168915,161.0]},{"page":14,"text":"--enable","rect":[239.3716278076172,166.0,281.21519763469697,159.56190490722657]},{"page":14,"text":"codeready-builder-for-rhel-8-x86_64-rpms","rect":[286.4460144042969,167.91055297851563,495.6609678983688,159.44235229492188]},{"page":14,"text":"N` ote: If you get the error ‘This system has no repositories available through subscriptions’,","rect":[72.0,191.55154418945313,539.6871094517959,182.585205078125]},{"page":14,"text":"y` ou need to subscribe your system with “sudo subscription-manager register –username","rect":[72.0,203.50650024414063,539.6686502639906,194.5999298095703]},{"page":14,"text":"`<your_username> –password <your_password> –auto-attach”","rect":[72.0,215.45155334472657,394.62881613731386,206.55494689941407]},{"page":14,"text":"M` ake sure the database RPM is in the current directory","rect":[72.0,233.43434143066407,317.51832595920566,224.48793029785157]},{"page":14,"text":"s` udo dnf install takserver-database-5.2-RELEASE-x.noarch.rpm","rect":[72.0,251.53675842285157,385.8219176054001,243.12832641601563]},{"page":14,"text":"--setopt=clean_requirements_on_remove=false -y","rect":[91.92499542236328,263.5514831542969,332.5227232694626,255.14305114746095]},{"page":14,"text":"Check Java version","rect":[71.99998474121094,285.4092102050781,155.15781342029573,278.1763610839844]},{"page":14,"text":"`java -version","rect":[72.0,305.39453125,139.994753909111,297.10565185546877]},{"page":14,"text":"T` his should tell you you have 17.x.y. If the “java -version” command tells you your Java version is not 17.x.y,","rect":[71.64099884033203,329.0763854980469,540.9261270694474,320.0203857421875]},{"page":14,"text":"`then you can use the alternatives command to change it:","rect":[72.0,341.04132080078127,319.59051171398166,332.0849609375]},{"page":14,"text":"`sudo","rect":[72.0,358.0,92.9214583158493,350.8448486328125]},{"page":14,"text":"alternatives","rect":[98.15182495117188,358.0,160.91620166301727,350.8448486328125]},{"page":14,"text":"--config","rect":[166.1465606689453,359.2034912109375,207.98945910930633,350.78509521484377]},{"page":14,"text":"java","rect":[213.21981811523438,359.1935119628906,234.14126880168915,350.9046325683594]},{"page":14,"text":"`4.3.2.1.3","rect":[72.0,388.9046325683594,113.35475370883941,382.26953125]},{"page":14,"text":"RHEL7","rect":[124.81173706054688,388.9046325683594,166.31592772006989,381.97064208984377]},{"page":14,"text":"S` etup the extra postgres yum repo for the latest postgres and postgis. Install OpenJDK 17 and other","rect":[72.0,408.7803039550781,539.7498952878499,399.71435546875]},{"page":14,"text":"d` ependencies. Install TAK Server RPM database.","rect":[72.0,420.6158142089844,289.52337304210666,411.559814453125]},{"page":14,"text":"`Note that when installing postgres, you may run into issues related to the GPG key – if you","rect":[72.0,438.6185302734375,539.730107972647,429.6521911621094]},{"page":14,"text":"`need to update the key, you can modify the postgres installation command based on your","rect":[72.0,450.5735168457031,539.7195196547831,441.607177734375]},{"page":14,"text":"o` perating system according to the guidelines here: https://yum.postgresql.org/news/pgdg-","rect":[72.0,463.0166931152344,539.6889862175622,453.0640563964844]},{"page":14,"text":"r` pm-repo-gpg-key-update/","rect":[72.0,474.9716796875,205.46894285678864,465.01904296875]},{"page":14,"text":"`sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm","rect":[72.0,492.6954650878906,527.0421324491501,483.50994873046877]},{"page":14,"text":"-y","rect":[91.92499542236328,504.6405029296875,102.38572223186493,498.0851135253906]},{"page":14,"text":"`sudo yum install","rect":[72.0,516.5955200195313,155.6858397245407,508.246826171875]},{"page":14,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,528.5604248046875,609.7315855741501,519.3748779296875]},{"page":14,"text":"-y","rect":[91.92499542236328,540.5055541992188,102.38572223186493,533.9501342773438]},{"page":14,"text":"`sudo yum update -y","rect":[72.0,564.4165649414063,166.14656360149383,556.06787109375]},{"page":14,"text":"s` udo","rect":[72.0,587.0,92.9214583158493,579.9778442382813]},{"page":14,"text":"yum","rect":[98.15182495117188,588.3265380859375,113.84292132854462,581.0]},{"page":14,"text":"install","rect":[119.07328796386719,587.0,155.6858397245407,579.9778442382813]},{"page":14,"text":"-y","rect":[160.91619873046876,588.3265380859375,171.3769255399704,581.0]},{"page":14,"text":"postgis33_15","rect":[176.60728454589845,588.3364868164063,239.3716307401657,579.8682861328125]},{"page":14,"text":"postgis33_15-utils","rect":[244.60198974609376,588.3364868164063,338.74852283000947,579.8682861328125]},{"page":14,"text":"`sudo","rect":[72.0,599.0,92.9214583158493,591.932861328125]},{"page":14,"text":"yum","rect":[98.15182495117188,600.2815551757813,113.84292132854462,593.0]},{"page":14,"text":"install","rect":[119.07328796386719,599.0,155.6858397245407,591.932861328125]},{"page":14,"text":"-y","rect":[160.91619873046876,600.2815551757813,171.3769255399704,593.0]},{"page":14,"text":"postgresql15-server","rect":[176.60728454589845,600.29150390625,275.9841490507126,591.8233032226563]},{"page":14,"text":"postgresql15-contrib","rect":[281.21453857421877,600.29150390625,385.8219176054001,591.8233032226563]},{"page":14,"text":"`sudo yum install -y https://download.oracle.com/java/17/latest/jdk-17_linux-x64_bin.rpm","rect":[72.0,612.2365112304688,527.0421324491501,603.0609130859375]},{"page":14,"text":"N` ote that the yum package manager does not currently support JDK 17 on RHEL 7. By","rect":[72.0,635.8784790039063,539.7704167481174,626.971923828125]},{"page":14,"text":"`installing the package manually, you will be responsible for future security updates. For a safer","rect":[72.0,647.83349609375,539.6644502987539,638.8671875]},{"page":14,"text":"l` ong-term solution, we recommend that you update your OS to RHEL 8 or Rocky Linux 8.","rect":[72.0,659.7885131835938,529.7615654153824,650.8521118164063]},{"page":14,"text":"`Make sure the database RPM is in the current directory","rect":[72.0,677.7613525390625,317.51832595920566,668.81494140625]},{"page":14,"text":"`sudo rpm -ivh takserver-database-5.2-RELEASEx.noarch.rpm","rect":[72.0,695.8637084960938,364.9004088163376,687.4552612304688]},{"page":14,"text":"--nodeps","rect":[370.13079833984377,695.8637084960938,411.9738035917282,687.5748291015625]},{"page":14,"text":"C` heck Java version","rect":[72.0,717.78125,155.15781342029573,710.5484008789063]},{"page":14,"text":"13","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":15,"text":"j` ava -version","rect":[72.0,84.2244644165039,139.994753909111,75.93557739257813]},{"page":15,"text":"`This should tell you you have 17.x.y. If the “java -version” command tells you your Java version is not 17.x.y,","rect":[71.64099884033203,107.01033782958985,540.9261270694474,97.95433044433594]},{"page":15,"text":"t` hen you can use the alternatives command to change it:","rect":[72.0,118.9753189086914,319.59051171398166,110.01893615722656]},{"page":15,"text":"`sudo","rect":[72.0,135.0,92.9214583158493,127.88385772705078]},{"page":15,"text":"alternatives","rect":[98.15182495117188,135.0,160.91620166301727,127.88385772705078]},{"page":15,"text":"--config","rect":[166.1465606689453,136.2424774169922,207.98945910930633,127.82408142089844]},{"page":15,"text":"java","rect":[213.21981811523438,136.23251342773438,234.14126880168915,127.94363403320313]},{"page":15,"text":"4` .3.2.1.4","rect":[72.0,165.0,113.35475370883941,158.02752685546876]},{"page":15,"text":"Ubuntu & Raspberry Pi OS","rect":[124.81173706054688,166.54554748535157,265.74267428779606,157.5393524169922]},{"page":15,"text":"`Install the postgres repository (required in order to install up-to-date Postgresql and PostGIS packages.)","rect":[72.0,184.97665405273438,540.6643560222342,175.02401733398438]},{"page":15,"text":"`Install TAK Server database. Use database DEB. Confgure TAK Server Database installation","rect":[72.0,196.49337768554688,484.7205575609207,187.3178253173828]},{"page":15,"text":"N` ote that when installing postgres, you may run into issues related to the GPG key – if you need to update","rect":[72.0,214.42636108398438,539.5426413447286,205.3603973388672]},{"page":15,"text":"`the key, you can modify the postgres installation command based on your operating system according to the","rect":[72.0,226.38137817382813,539.5674926585874,217.31541442871095]},{"page":15,"text":"`guidelines here: https://yum.postgresql.org/news/pgdg-rpm-repo-gpg-key-update/","rect":[72.0,238.77468872070313,431.5400462150574,228.82205200195313]},{"page":15,"text":"`sudo mkdir -p /etc/apt/keyrings","rect":[72.0,255.60350036621095,234.14126880168915,246.41798400878907]},{"page":15,"text":"`sudo curl https://www.postgresql.org/media/keys/ACCC4CF8.asc","rect":[72.0,279.51348876953127,385.8219176054001,270.3279724121094]},{"page":15,"text":"/etc/apt/keyrings/postgresql.asc","rect":[91.92499542236328,291.469482421875,259.29661853313447,282.2839660644531]},{"page":15,"text":"--output","rect":[391.05230712890627,279.4437255859375,432.8953123807907,271.72271728515627]},{"page":15,"text":"s` udo sh -c ’echo \"deb [signed-by=/etc/apt/keyrings/postgresql.asc]","rect":[72.0,315.3794860839844,417.2041197538376,306.1939697265625]},{"page":15,"text":"http://apt.postgresql.org/pub/repos/apt/","rect":[91.92499542236328,327.3345031738281,301.13963611125947,318.14898681640627]},{"page":15,"text":"$(lsb_release","rect":[306.3700256347656,325.87994384765627,374.3647948026657,318.14898681640627]},{"page":15,"text":"-cs)-pgdg","rect":[379.5951843261719,327.3345031738281,426.6685057401657,318.14898681640627]},{"page":15,"text":"/etc/apt/sources.list.d/postgresql.list’","rect":[91.92499542236328,339.28948974609377,301.1396055936813,330.1039733886719]},{"page":15,"text":"main\"","rect":[431.89886474609377,325.1128234863281,458.0506773710251,318.86627197265627]},{"page":15,"text":">","rect":[463.28106689453127,324.505126953125,468.5114317655563,319.5238037109375]},{"page":15,"text":"`sudo apt update","rect":[72.0,363.1307067871094,150.45547778606415,354.8418273925781]},{"page":15,"text":"s` udo apt install takserver-database-5.2-RELEASEx_all.deb","rect":[72.0,387.04071044921877,364.9004088163376,378.6322937011719]},{"page":15,"text":"`Open the fle /opt/tak/CoreConfg.example.xml and look for the auto-generated password for the database.","rect":[72.0,410.33465576171877,541.5191225486111,400.38201904296877]},{"page":15,"text":"T` his password will be used to confgure the Core Server.","rect":[71.64099884033203,421.851318359375,318.06588402843479,412.7853698730469]},{"page":15,"text":"`<connection url=\"jdbc:postgresql://127.0.0.1:5432/cot\"","rect":[72.0,439.1184997558594,354.4397154569626,429.9329833984375]},{"page":15,"text":"password=\"Database_password\"","rect":[91.92499542236328,451.00372314453127,238.3752165555954,442.6052551269531]},{"page":15,"text":"/>","rect":[243.60557556152345,449.6189270019531,254.06630237102508,441.8879699707031]},{"page":15,"text":"username=\"martiuser\"","rect":[359.67010498046877,436.8968200683594,464.2774229764938,430.6502685546875]},{"page":15,"text":"`Check Java version","rect":[72.0,472.0262451171875,155.15781342029573,464.79339599609377]},{"page":15,"text":"`java -version","rect":[72.0,491.1164855957031,139.994753909111,482.8276062011719]},{"page":15,"text":"`This should tell you you have 17.x.y. If the “java -version” command tells you your Java version is not 17.x.y,","rect":[71.64099884033203,513.90234375,540.9261270694474,504.84637451171877]},{"page":15,"text":"t` hen you can use the alternatives command to change it:","rect":[72.0,525.8673095703125,319.59051171398166,516.910888671875]},{"page":15,"text":"s` udo","rect":[72.0,542.0,92.9214583158493,534.7758178710938]},{"page":15,"text":"alternatives","rect":[98.15182495117188,542.0,160.91620166301727,534.7758178710938]},{"page":15,"text":"--config","rect":[166.1465606689453,543.1344604492188,207.98945910930633,534.716064453125]},{"page":15,"text":"java","rect":[213.21981811523438,543.12451171875,234.14126880168915,534.8356323242188]},{"page":15,"text":"4` .3.2.1.5","rect":[72.0,571.5556030273438,113.35475370883941,564.9205322265625]},{"page":15,"text":"CentOS 7","rect":[124.81173706054688,571.5556030273438,173.31965086460114,564.5120849609375]},{"page":15,"text":"S` etup the extra postgres yum repo for the latest postgres and postgis. Install OpenJDK 17 and other","rect":[72.0,591.4303588867188,539.7498952878499,582.3643798828125]},{"page":15,"text":"`dependencies. Install TAK Server RPM database.","rect":[72.0,603.2658081054688,289.52337304210666,594.2097778320313]},{"page":15,"text":"N` ote that when installing postgres, you may run into issues related to the GPG key – if you","rect":[72.0,621.2684936523438,539.730107972647,612.3021850585938]},{"page":15,"text":"n` eed to update the key, you can modify the postgres installation command based on your","rect":[72.0,633.2235107421875,539.7195196547831,624.2572021484375]},{"page":15,"text":"o` perating system according to the guidelines here: https://yum.postgresql.org/news/pgdg-","rect":[72.0,645.667724609375,539.6889862175622,635.715087890625]},{"page":15,"text":"r` pm-repo-gpg-key-update/","rect":[72.0,657.6226806640625,205.46894285678864,647.6700439453125]},{"page":15,"text":"s` udo","rect":[72.0,673.0,92.9214583158493,666.0918579101563]},{"page":15,"text":"yum","rect":[98.15182495117188,674.4405517578125,113.84292132854462,667.8851318359375]},{"page":15,"text":"install","rect":[119.07328796386719,673.0,155.6858397245407,666.0918579101563]},{"page":15,"text":"epel-release","rect":[160.91619873046876,674.3807373046875,223.680544924736,666.0918579101563]},{"page":15,"text":"-y","rect":[228.91090393066407,674.4405517578125,239.3716307401657,667.8851318359375]},{"page":15,"text":"s` udo yum install","rect":[72.0,698.3515014648438,155.6858397245407,690.0028076171875]},{"page":15,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,710.3164672851563,609.7315855741501,701.1309204101563]},{"page":15,"text":"-y","rect":[91.92499542236328,722.2615356445313,102.38572223186493,715.7061157226563]},{"page":15,"text":"14","rect":[301.01898193359377,749.8880004882813,310.9815745353699,743.143310546875]},{"page":16,"text":"s` udo yum update -y","rect":[72.0,96.17948150634766,166.14656360149383,87.83081817626953]},{"page":16,"text":"`sudo","rect":[72.0,119.0,92.9214583158493,111.74085235595703]},{"page":16,"text":"yum","rect":[98.15182495117188,120.08951568603516,113.84292132854462,113.0]},{"page":16,"text":"install","rect":[119.07328796386719,119.0,155.6858397245407,111.74085235595703]},{"page":16,"text":"-y","rect":[160.91619873046876,120.08951568603516,171.3769255399704,113.0]},{"page":16,"text":"postgis33_15","rect":[176.60728454589845,120.09947204589844,239.3716307401657,111.63126373291016]},{"page":16,"text":"postgis33_15-utils","rect":[244.60198974609376,120.09947204589844,338.74852283000947,111.63126373291016]},{"page":16,"text":"s` udo","rect":[72.0,131.0,92.9214583158493,123.69580841064453]},{"page":16,"text":"yum","rect":[98.15182495117188,132.04446411132813,113.84292132854462,125.0]},{"page":16,"text":"install","rect":[119.07328796386719,131.0,155.6858397245407,123.69580841064453]},{"page":16,"text":"-y","rect":[160.91619873046876,132.04446411132813,171.3769255399704,125.0]},{"page":16,"text":"postgresql15-server","rect":[176.60728454589845,132.05442810058595,275.9841490507126,123.58621978759766]},{"page":16,"text":"postgresql15-contrib","rect":[281.21453857421877,132.05442810058595,385.8219176054001,123.58621978759766]},{"page":16,"text":"`sudo yum install -y https://download.oracle.com/java/17/latest/jdk-17_linux-x64_bin.rpm","rect":[72.0,143.99948120117188,527.0421324491501,134.8239288330078]},{"page":16,"text":"N` ote that the yum package manager does not currently support JDK 17 on Centos 7. By installing the","rect":[72.0,167.69137573242188,539.587301545498,158.6254119873047]},{"page":16,"text":"p` ackage manually, you will be responsible for future security updates. For a safer long-term solution, we","rect":[72.0,179.64633178710938,539.5264494947168,170.5803680419922]},{"page":16,"text":"r` ecommend that you update your OS to RHEL 8 or Rocky Linux 8.","rect":[72.0,191.5913848876953,368.66622582530979,182.53538513183595]},{"page":16,"text":"M` ake sure the database RPM is in the current directory","rect":[72.0,209.5243682861328,317.51832595920566,200.5779571533203]},{"page":16,"text":"`sudo yum install takserver-database-5.2-RELEASE-x.noarch.rpm","rect":[72.0,227.68649291992188,385.8219176054001,219.21829223632813]},{"page":16,"text":"--setopt=clean_requirements_on_remove=false -y","rect":[91.92499542236328,239.64151000976563,332.5227232694626,231.2330780029297]},{"page":16,"text":"Check Java version","rect":[71.99998474121094,261.49920654296877,155.15781342029573,254.26634216308595]},{"page":16,"text":"`java -version","rect":[72.0,281.4844665527344,139.994753909111,273.1955871582031]},{"page":16,"text":"`This should tell you you have 17.x.y. If the “java -version” command tells you your Java version is not 17.x.y,","rect":[71.64099884033203,305.1654052734375,540.9261270694474,296.1094055175781]},{"page":16,"text":"t` hen you can use the alternatives command to change it:","rect":[72.0,317.13031005859377,319.59051171398166,308.1739501953125]},{"page":16,"text":"s` udo","rect":[72.0,334.0,92.9214583158493,326.933837890625]},{"page":16,"text":"alternatives","rect":[98.15182495117188,334.0,160.91620166301727,326.933837890625]},{"page":16,"text":"--config","rect":[166.1465606689453,335.29248046875,207.98945910930633,326.87408447265627]},{"page":16,"text":"java","rect":[213.21981811523438,335.2825012207031,234.14126880168915,326.9936218261719]},{"page":16,"text":"4` .3.3 Server Two: Core Server","rect":[72.0,364.99462890625,231.58091625118255,357.9510498046875]},{"page":16,"text":"4` .3.3.1 Prerequisites","rect":[72.0,385.206787109375,181.15023420238496,376.44964599609377]},{"page":16,"text":"S` tart with a fresh install of a supported OS. An install with a GUI is recommended,","rect":[72.0,403.1398010253906,440.5060827623686,394.08380126953127]},{"page":16,"text":"c` an be run locally to confgure TAK Server.","rect":[72.0,415.21435546875,263.162380610466,406.038818359375]},{"page":16,"text":"`Increase system limit for number of concurrent TCP connections (do once)","rect":[72.0,433.584716796875,398.73331707382206,423.632080078125]},{"page":16,"text":"echo -e \"* soft nofile 32768\\n*","rect":[72.0,449.85394287109377,234.14146716594696,442.12298583984377]},{"page":16,"text":"/etc/security/limits.conf>","rect":[91.92499542236328,463.2535095214844,233.1448240995407,454.0779724121094]},{"page":16,"text":"hard nofile","rect":[239.371826171875,449.0868225097656,296.9058409452438,442.8901062011719]},{"page":16,"text":"/dev/null","rect":[238.37518310546876,462.0,285.4484434843063,454.0779724121094]},{"page":16,"text":"32768\"","rect":[302.13623046875,449.13665771484377,333.51842029094697,442.79046630859377]},{"page":16,"text":"|","rect":[338.7488098144531,449.85394287109377,343.9791746854782,442.12298583984377]},{"page":16,"text":"sudo","rect":[349.20953369140627,450.0,370.1309996366501,442.9498596191406]},{"page":16,"text":"tee","rect":[375.3613586425781,450.0,391.0524473905563,443.5177307128906]},{"page":16,"text":"--append","rect":[396.2828369140625,451.2387390136719,438.1257506132126,442.9498596191406]},{"page":16,"text":"so","rect":[443.8269348144531,402.0,452.7424154430234,396.0]},{"page":16,"text":"that","rect":[456.0632629394531,402.0,474.32299817284868,394.302978515625]},{"page":16,"text":"a","rect":[477.6538391113281,402.0,482.6401205211484,396.0]},{"page":16,"text":"web","rect":[485.9609680175781,402.0,502.84449526529115,394.302978515625]},{"page":16,"text":"browser","rect":[506.16534423828127,402.0,539.7629195234169,394.302978515625]},{"page":16,"text":"`4.3.3.2 Install TAK Server","rect":[72.0,492.96563720703127,211.79519542598724,485.912109375]},{"page":16,"text":"`4.3.3.2.1","rect":[72.0,519.0,113.35475370883941,512.2255249023438]},{"page":16,"text":"Rocky Linux8","rect":[124.81173706054688,520.7435302734375,198.176309800148,511.8469543457031]},{"page":16,"text":"`sudo","rect":[72.0,537.0,92.9214583158493,530.6068115234375]},{"page":16,"text":"dnf","rect":[98.15182495117188,537.0,113.84292132854462,530.5470581054688]},{"page":16,"text":"install","rect":[119.07328796386719,537.0,155.6858397245407,530.6068115234375]},{"page":16,"text":"java-17-openjdk-devel","rect":[160.91619873046876,538.9555053710938,270.7538023710251,530.4474487304688]},{"page":16,"text":"-y","rect":[275.9841613769531,538.9555053710938,286.4449034452438,532.0]},{"page":16,"text":"s` udo dnf install takserver-core-5.2-RELEASEx.noarch.rpm","rect":[72.0,550.8507080078125,359.67003161907197,542.4422607421875]},{"page":16,"text":"s` udo dnf install checkpolicy","rect":[72.0,562.8665161132813,218.45018298625946,554.4580688476563]},{"page":16,"text":"cd","rect":[72.0,572.6098022460938,82.46072680950165,566.4728393554688]},{"page":16,"text":"/opt/tak","rect":[87.69100189208985,574.76171875,129.53392322063446,565.6459350585938]},{"page":16,"text":"&&","rect":[134.7642822265625,572.6596069335938,145.2250242948532,566.36328125]},{"page":16,"text":"sudo","rect":[150.45538330078126,573.0,171.37684924602508,566.4728393554688]},{"page":16,"text":"./apply-selinux.sh","rect":[176.60720825195313,574.821533203125,270.7537108182907,565.6459350585938]},{"page":16,"text":"&&","rect":[275.98406982421877,572.6596069335938,286.44481189250947,566.36328125]},{"page":16,"text":"sudo","rect":[291.6751708984375,573.0,312.5966063261032,566.4728393554688]},{"page":16,"text":"semodule","rect":[317.82696533203127,573.0,359.66990954875947,566.4728393554688]},{"page":16,"text":"-y","rect":[364.9004211425781,550.9105224609375,375.3611632108688,544.0]},{"page":16,"text":"-l","rect":[364.9002990722656,573.0,375.3610411405563,566.4728393554688]},{"page":16,"text":"|","rect":[380.5914306640625,573.376953125,385.8217955350876,565.6459350585938]},{"page":16,"text":"Check Java version","rect":[70.81900024414063,596.6792602539063,154.5546390209198,589.4464111328125]},{"page":16,"text":"j` ava -version","rect":[72.0,616.66455078125,139.994753909111,608.3756713867188]},{"page":16,"text":"`This should tell you you have 17.x.y. If the “java -version” command tells","rect":[71.64099884033203,640.3453369140625,387.0362122170117,631.2893676757813]},{"page":16,"text":"`then you can use the alternatives command to change it:","rect":[72.0,652.3103637695313,319.59051171398166,643.3539428710938]},{"page":16,"text":"s` udo","rect":[72.0,669.0,92.9214583158493,662.1138305664063]},{"page":16,"text":"alternatives","rect":[98.15182495117188,669.0,160.91620166301727,662.1138305664063]},{"page":16,"text":"--config","rect":[166.1465606689453,670.4724731445313,207.98945910930633,662.0540771484375]},{"page":16,"text":"java","rect":[213.21981811523438,670.4625244140625,234.14126880168915,662.1736450195313]},{"page":16,"text":"grep takserver","rect":[391.05218505859377,574.8314819335938,464.27745349407197,566.4728393554688]},{"page":16,"text":"you your Java version","rect":[390.29718017578127,640.3453369140625,483.17589077785956,631.508544921875]},{"page":16,"text":"is","rect":[486.4368591308594,639.0,492.9880554787305,631.767578125]},{"page":16,"text":"not","rect":[496.2392578125,639.0,510.32776030314428,632.1859741210938]},{"page":16,"text":"17.x.y,","rect":[513.5887451171875,640.3453369140625,540.9261270694474,631.5782470703125]},{"page":16,"text":"15","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":17,"text":"4` .3.3.2.2","rect":[72.0,82.06257629394531,113.35475370883941,75.427490234375]},{"page":17,"text":"RHEL8","rect":[124.81173706054688,82.06257629394531,166.31592772006989,75.12860870361328]},{"page":17,"text":"`sudo dnf update -y && sudo dnf install java-17-openjdk-devel","rect":[72.0,102.15653228759766,385.8219176054001,93.64846801757813]},{"page":17,"text":"`sudo","rect":[72.0,113.0,92.9214583158493,105.76392364501953]},{"page":17,"text":"dnf","rect":[98.15182495117188,113.0,113.84292132854462,105.70414733886719]},{"page":17,"text":"install","rect":[119.07328796386719,113.0,155.6858397245407,105.76392364501953]},{"page":17,"text":"takserver-core-5.2-RELEASEx.noarch.rpm","rect":[160.91619873046876,114.05281066894531,359.67003161907197,105.64437103271485]},{"page":17,"text":"-y","rect":[364.9004211425781,114.11258697509766,375.3611632108688,107.0]},{"page":17,"text":"s` udo dnf install checkpolicy","rect":[72.0,126.0674819946289,218.45018298625946,117.65904235839844]},{"page":17,"text":"cd","rect":[72.0,135.81080627441407,82.46072680950165,129.67384338378907]},{"page":17,"text":"/opt/tak","rect":[87.69100189208985,137.9627227783203,129.53392322063446,128.84693908691407]},{"page":17,"text":"&&","rect":[134.7642822265625,135.86061096191407,145.2250242948532,129.5642547607422]},{"page":17,"text":"sudo","rect":[150.45538330078126,137.0,171.37684924602508,129.67384338378907]},{"page":17,"text":"./apply-selinux.sh","rect":[176.60720825195313,138.02249145507813,270.7537108182907,128.84693908691407]},{"page":17,"text":"&&","rect":[275.98406982421877,135.86061096191407,286.44481189250947,129.5642547607422]},{"page":17,"text":"sudo","rect":[291.6751708984375,137.0,312.5966063261032,129.67384338378907]},{"page":17,"text":"semodule","rect":[317.82696533203127,137.0,359.66990954875947,129.67384338378907]},{"page":17,"text":"-l","rect":[364.9002990722656,137.0,375.3610411405563,129.67384338378907]},{"page":17,"text":"|","rect":[380.5914306640625,136.5779266357422,385.8217955350876,128.84693908691407]},{"page":17,"text":"Check Java version","rect":[70.81900024414063,159.8801727294922,154.5546390209198,152.64732360839845]},{"page":17,"text":"j` ava -version","rect":[72.0,179.86550903320313,139.994753909111,171.57662963867188]},{"page":17,"text":"T` his should tell you you have 17.x.y. If the “java -version” command tells","rect":[71.64099884033203,203.5463409423828,387.0362122170117,194.49034118652345]},{"page":17,"text":"t` hen you can use the alternatives command to change it:","rect":[72.0,215.51132202148438,319.59051171398166,206.55494689941407]},{"page":17,"text":"s` udo","rect":[72.0,232.0,92.9214583158493,225.31483459472657]},{"page":17,"text":"alternatives","rect":[98.15182495117188,232.0,160.91620166301727,225.31483459472657]},{"page":17,"text":"--config","rect":[166.1465606689453,233.67344665527345,207.98945910930633,225.2550506591797]},{"page":17,"text":"java","rect":[213.21981811523438,233.66348266601563,234.14126880168915,225.37460327148438]},{"page":17,"text":"-y","rect":[391.05230712890627,102.15653228759766,401.51304919719697,95.0]},{"page":17,"text":"grep takserver","rect":[391.05218505859377,138.03245544433595,464.27745349407197,129.67384338378907]},{"page":17,"text":"you your Java version","rect":[390.29718017578127,203.5463409423828,483.17589077785956,194.7095184326172]},{"page":17,"text":"is","rect":[486.4368591308594,202.0,492.9880554787305,194.9685516357422]},{"page":17,"text":"not","rect":[496.2392578125,202.0,510.32776030314428,195.38697814941407]},{"page":17,"text":"17.x.y,","rect":[513.5887451171875,203.5463409423828,540.9261270694474,194.77926635742188]},{"page":17,"text":"`4.3.3.2.3","rect":[72.0,263.3756408691406,113.35475370883941,256.74053955078127]},{"page":17,"text":"RHEL7","rect":[124.81173706054688,263.3756408691406,166.31592772006989,256.441650390625]},{"page":17,"text":"I` nstall EPEL (EPEL provides certain dependencies required by PostgreSQL.) Install postgres yum repository","rect":[72.0,283.68865966796877,539.869283392702,273.73602294921877]},{"page":17,"text":"(required in order to install up-to-date Postgresql and PostGIS packages.) Install OpenJDK 17 and other","rect":[70.83399963378906,295.6437072753906,539.7220022214436,285.6910705566406]},{"page":17,"text":"`dependencies. Install Tak server.","rect":[72.0,307.04180908203127,214.85372582530978,298.2049865722656]},{"page":17,"text":"`Note that when installing postgres, you may run into issues related to the GPG key – if you","rect":[72.0,325.04351806640627,539.730107972647,316.0771789550781]},{"page":17,"text":"n` eed to update the key, you can modify the postgres installation command based on your","rect":[72.0,336.9995422363281,539.7195196547831,328.033203125]},{"page":17,"text":"o` perating system according to the guidelines here: https://yum.postgresql.org/news/pgdg-","rect":[72.0,349.44268798828127,539.6889862175622,339.49005126953127]},{"page":17,"text":"r` pm-repo-gpg-key-update/","rect":[72.0,361.397705078125,205.46894285678864,351.445068359375]},{"page":17,"text":"s` udo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm","rect":[72.0,379.1214904785156,527.0421324491501,369.93597412109377]},{"page":17,"text":"-y","rect":[91.92499542236328,391.0664978027344,102.38572223186493,384.5111083984375]},{"page":17,"text":"`sudo yum install","rect":[72.0,403.021484375,155.6858397245407,394.6728210449219]},{"page":17,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,414.9864807128906,609.7315855741501,405.80096435546877]},{"page":17,"text":"-y","rect":[91.92499542236328,426.9315185546875,102.38572223186493,420.3761291503906]},{"page":17,"text":"`sudo yum","rect":[72.0,438.88751220703127,113.84292132854462,430.5388488769531]},{"page":17,"text":"`sudo yum","rect":[72.0,450.8424987792969,113.84292132854462,442.49383544921877]},{"page":17,"text":"s` udo yum","rect":[72.0,462.7975158691406,113.84292132854462,454.4488525390625]},{"page":17,"text":"s` udo rpm","rect":[72.0,474.6927185058594,113.84292132854462,466.4038391113281]},{"page":17,"text":"install","rect":[119.07328796386719,437.0,155.6858397245407,430.5388488769531]},{"page":17,"text":"-y","rect":[160.91619873046876,438.88751220703127,171.3769255399704,432.0]},{"page":17,"text":"postgis33_15","rect":[176.60728454589845,438.8974914550781,239.3716307401657,430.42926025390627]},{"page":17,"text":"postgis33_15-utils","rect":[244.60198974609376,438.8974914550781,338.74852283000947,430.42926025390627]},{"page":17,"text":"install","rect":[119.07328796386719,449.0,155.6858397245407,442.49383544921877]},{"page":17,"text":"-y","rect":[160.91619873046876,450.8424987792969,171.3769255399704,444.0]},{"page":17,"text":"postgresql15-server","rect":[176.60728454589845,450.85247802734377,275.9841490507126,442.3842468261719]},{"page":17,"text":"postgresql15-contrib","rect":[281.21453857421877,450.85247802734377,385.8219176054001,442.3842468261719]},{"page":17,"text":"install -y https://download.oracle.com/java/17/latest/jdk-17_linuxx64_bin.rpm","rect":[119.07328796386719,462.7975158691406,521.8117247343064,453.6219787597656]},{"page":17,"text":"-ivh","rect":[119.07328796386719,473.0,139.994753909111,466.4038391113281]},{"page":17,"text":"takserver-core-5.2-RELEASEx.noarch.rpm","rect":[145.22511291503907,474.6927185058594,343.9789000272751,466.2843017578125]},{"page":17,"text":"--nodeps","rect":[349.20928955078127,474.6927185058594,391.0522948026657,466.4038391113281]},{"page":17,"text":"`Note that the yum package manager does not currently support JDK 17 on RHEL 7. By installing the","rect":[72.0,498.4433288574219,539.607565217373,489.4869689941406]},{"page":17,"text":"`package manually, you will be responsible for future security updates. For a safer long-term solution, we","rect":[72.0,510.3993225097656,539.5264494947168,501.3333740234375]},{"page":17,"text":"`recommend that you update your OS to RHEL 8 or Rocky Linux 8.","rect":[72.0,522.3443603515625,368.66622582530979,513.2883911132813]},{"page":17,"text":"Check Java version","rect":[70.81900024414063,538.4532470703125,154.5546390209198,531.2203979492188]},{"page":17,"text":"j` ava -version","rect":[72.0,558.4385375976563,139.994753909111,550.149658203125]},{"page":17,"text":"T` his should tell you you have 17.x.y. If the “java -version” command tells you your Java version is not 17.x.y,","rect":[71.64099884033203,582.120361328125,540.9261270694474,573.0643920898438]},{"page":17,"text":"`then you can use the alternatives command to change it:","rect":[72.0,594.0853271484375,319.59051171398166,585.12890625]},{"page":17,"text":"`sudo","rect":[72.0,611.0,92.9214583158493,603.8878173828125]},{"page":17,"text":"alternatives","rect":[98.15182495117188,611.0,160.91620166301727,603.8878173828125]},{"page":17,"text":"--config","rect":[166.1465606689453,612.2464599609375,207.98945910930633,603.8280639648438]},{"page":17,"text":"java","rect":[213.21981811523438,612.2365112304688,234.14126880168915,603.9476318359375]},{"page":17,"text":"`4.3.3.2.4","rect":[72.0,642.0,113.35475370883941,635.3135375976563]},{"page":17,"text":"`sudo apt","rect":[72.0,661.9837036132813,113.84292132854462,653.69482421875]},{"page":17,"text":"Ubuntu & Raspberry Pi OS","rect":[124.81173706054688,643.83154296875,265.74267428779606,634.8253784179688]},{"page":17,"text":"install takserver-core-5.2-RELEASEx_all.deb","rect":[119.07328796386719,660.0,343.9789000272751,653.5752563476563]},{"page":17,"text":"Check Java version","rect":[70.81900024414063,683.9012451171875,154.5546390209198,676.6683959960938]},{"page":17,"text":"j` ava -version","rect":[72.0,703.8865356445313,139.994753909111,695.59765625]},{"page":17,"text":"16","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":18,"text":"T` his should tell you you have 17.x.y. If the “java -version” command tells you your Java version is not 17.x.y,","rect":[71.64099884033203,83.99532318115235,540.9261270694474,74.93931579589844]},{"page":18,"text":"t` hen you can use the alternatives command to change it:","rect":[72.0,95.9603042602539,319.59051171398166,87.00392150878906]},{"page":18,"text":"`sudo","rect":[72.0,113.0,92.9214583158493,105.76392364501953]},{"page":18,"text":"alternatives","rect":[98.15182495117188,113.0,160.91620166301727,105.76392364501953]},{"page":18,"text":"--config","rect":[166.1465606689453,114.12254333496094,207.98945910930633,105.70414733886719]},{"page":18,"text":"java","rect":[213.21981811523438,114.11258697509766,234.14126880168915,105.82369995117188]},{"page":18,"text":"4` .3.3.2.5","rect":[72.0,143.8236846923828,113.35475370883941,137.1885986328125]},{"page":18,"text":"CentOS 7","rect":[124.81173706054688,143.8236846923828,173.31965086460114,136.78012084960938]},{"page":18,"text":"`Install EPEL (EPEL provides certain dependencies required by PostgreSQL.) Install postgres yum repository","rect":[72.0,164.13772583007813,539.869283392702,154.18508911132813]},{"page":18,"text":"(required in order to install up-to-date Postgresql and PostGIS packages.) Install OpenJDK 17 and other","rect":[70.83399963378906,176.09268188476563,539.7220022214436,166.14004516601563]},{"page":18,"text":"d` ependencies. Install Tak server.","rect":[72.0,187.48973083496095,214.85372582530978,178.6529083251953]},{"page":18,"text":"N` ote that when installing postgres, you may run into issues related to the GPG key – if you","rect":[72.0,205.49252319335938,539.730107972647,196.52618408203126]},{"page":18,"text":"`need to update the key, you can modify the postgres installation command based on your","rect":[72.0,217.44754028320313,539.7195196547831,208.481201171875]},{"page":18,"text":"`operating system according to the guidelines here: https://yum.postgresql.org/news/pgdg-","rect":[72.0,229.89065551757813,539.6889862175622,219.93801879882813]},{"page":18,"text":"r` pm-repo-gpg-key-update/","rect":[72.0,241.84567260742188,205.46894285678864,231.89303588867188]},{"page":18,"text":"`sudo","rect":[72.0,258.0,92.9214583158493,251.21083068847657]},{"page":18,"text":"yum","rect":[98.15182495117188,259.5594787597656,113.84292132854462,253.0]},{"page":18,"text":"install","rect":[119.07328796386719,258.0,155.6858397245407,251.21083068847657]},{"page":18,"text":"epel-release","rect":[160.91619873046876,259.49969482421877,223.680544924736,251.21083068847657]},{"page":18,"text":"-y","rect":[228.91090393066407,259.5594787597656,239.3716307401657,253.0]},{"page":18,"text":"`sudo yum install","rect":[72.0,271.5144958496094,155.6858397245407,263.16583251953127]},{"page":18,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,283.4794616699219,609.7315855741501,274.2939453125]},{"page":18,"text":"-y","rect":[91.92499542236328,295.4245300292969,102.38572223186493,288.869140625]},{"page":18,"text":"s` udo yum","rect":[72.0,307.3805236816406,113.84292132854462,299.0318603515625]},{"page":18,"text":"`sudo yum","rect":[72.0,319.33551025390627,113.84292132854462,310.9868469238281]},{"page":18,"text":"s` udo yum","rect":[72.0,331.2904968261719,113.84292132854462,322.94183349609377]},{"page":18,"text":"`sudo rpm","rect":[72.0,343.1856994628906,113.84292132854462,334.8968200683594]},{"page":18,"text":"install","rect":[119.07328796386719,306.0,155.6858397245407,299.0318603515625]},{"page":18,"text":"-y","rect":[160.91619873046876,307.3805236816406,171.3769255399704,300.0]},{"page":18,"text":"postgis33_15","rect":[176.60728454589845,307.3905029296875,239.3716307401657,298.9222717285156]},{"page":18,"text":"postgis33_15-utils","rect":[244.60198974609376,307.3905029296875,338.74852283000947,298.9222717285156]},{"page":18,"text":"install","rect":[119.07328796386719,318.0,155.6858397245407,310.9868469238281]},{"page":18,"text":"-y","rect":[160.91619873046876,319.33551025390627,171.3769255399704,312.0]},{"page":18,"text":"postgresql15-server","rect":[176.60728454589845,319.3454895019531,275.9841490507126,310.87725830078127]},{"page":18,"text":"postgresql15-contrib","rect":[281.21453857421877,319.3454895019531,385.8219176054001,310.87725830078127]},{"page":18,"text":"install -y https://download.oracle.com/java/17/latest/jdk-17_linuxx64_bin.rpm","rect":[119.07328796386719,331.2904968261719,521.8117247343064,322.1149597167969]},{"page":18,"text":"-ivh","rect":[119.07328796386719,342.0,139.994753909111,334.8968200683594]},{"page":18,"text":"takserver-core-5.2-RELEASEx.noarch.rpm","rect":[145.22511291503907,343.1856994628906,343.9789000272751,334.77728271484377]},{"page":18,"text":"--nodeps","rect":[349.20928955078127,343.1856994628906,391.0522948026657,334.8968200683594]},{"page":18,"text":"N` ote that the yum package manager does not currently support JDK 17 on Centos 7. By installing the","rect":[72.0,366.93731689453127,539.587301545498,357.8713684082031]},{"page":18,"text":"p` ackage manually, you will be responsible for future security updates. For a safer long-term solution, we","rect":[72.0,378.892333984375,539.5264494947168,369.8263854980469]},{"page":18,"text":"`recommend that you update your OS to RHEL 8 or Rocky Linux 8.","rect":[72.0,390.8373718261719,368.66622582530979,381.7813720703125]},{"page":18,"text":"Check Java version","rect":[70.81900024414063,406.9472351074219,154.5546390209198,399.7143859863281]},{"page":18,"text":"`java -version","rect":[72.0,426.9315185546875,139.994753909111,418.64263916015627]},{"page":18,"text":"`This should tell you you have 17.x.y. If the “java -version” command tells you your Java version is not 17.x.y,","rect":[71.64099884033203,450.6133728027344,540.9261270694474,441.557373046875]},{"page":18,"text":"`then you can use the alternatives command to change it:","rect":[72.0,462.5783386230469,319.59051171398166,453.6219787597656]},{"page":18,"text":"`sudo","rect":[72.0,479.0,92.9214583158493,472.3818359375]},{"page":18,"text":"alternatives","rect":[98.15182495117188,479.0,160.91620166301727,472.3818359375]},{"page":18,"text":"--config","rect":[166.1465606689453,480.740478515625,207.98945910930633,472.32208251953127]},{"page":18,"text":"java","rect":[213.21981811523438,480.7304992675781,234.14126880168915,472.4416198730469]},{"page":18,"text":"`4.3.3.2.6","rect":[72.0,511.0,113.35475370883941,503.8065185546875]},{"page":18,"text":"yum install From tak.gov","rect":[124.81173706054688,512.33447265625,251.30689582920076,503.4279479980469]},{"page":18,"text":"C` heck to see if a .repo fle exists for tak.gov","rect":[72.0,530.3173828125,263.25199905490879,521.2514038085938]},{"page":18,"text":"`ls /etc/yum.repos.d/Takserver.repo","rect":[72.0,548.4685668945313,249.83235461711883,539.29296875]},{"page":18,"text":"`If it exists, skip down to the yum install of takserver database. If it doesn’t exist, create a new .repo fle to","rect":[72.0,572.1503295898438,539.4949717521668,563.0943603515625]},{"page":18,"text":"p` oint yum to the yum repo on tak.gov.","rect":[72.0,584.1153564453125,242.89841881847384,575.158935546875]},{"page":18,"text":"cd /etc/yum.repos.d","rect":[72.0,602.2675170898438,171.37684924602508,593.0919189453125]},{"page":18,"text":"`sudo vi Takserver.repo","rect":[72.0,614.1627197265625,187.06801135540008,605.8738403320313]},{"page":18,"text":"`You can also edit using another editor besides vi. Update the fle Takserver.repo to contain:","rect":[71.62100219726563,637.913330078125,473.46245995616916,628.8473510742188]},{"page":18,"text":"[takrepo]","rect":[72.0,656.0057373046875,119.07329089641572,646.8899536132813]},{"page":18,"text":"name=TakserverRepository","rect":[72.0,668.0205688476563,197.5287352323532,659.671875]},{"page":18,"text":"baseurl=https://<ARTIFACTORY_USER>:<ARTIFACTORY_TOKEN>@artifacts.tak.gov/artifactory/takserver-yum","rect":[72.0,679.9854736328125,584.5762511014939,670.7999267578125]},{"page":18,"text":"enabled=1","rect":[72.0,689.7188110351563,119.07329089641572,683.4722900390625]},{"page":18,"text":"gpgcheck=0","rect":[72.0,703.896484375,124.30365283489228,695.4282836914063]},{"page":18,"text":"17","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.1532592773438]},{"page":19,"text":"W ` here <ARTIFACTORY_USER> is a valid login to Artifactory that has access to the takserver-yum","rect":[71.49199676513672,84.00528717041016,539.6077666849166,74.82972717285156]},{"page":19,"text":"r` epo and <ARTIFACTORY_TOKEN> is a special token unique to the given Artifactory user that can be","rect":[72.0,95.9603042602539,539.6012473132632,86.78474426269531]},{"page":19,"text":"`retrieved by that user using the “Set Me Up” menu option to retrieve it.","rect":[72.0,107.91532135009766,388.22286645030979,98.84934997558594]},{"page":19,"text":"Note: Do NOT use your password as it the Token is more secure and cannot be used for logging in. Only for","rect":[71.44000244140625,125.83834075927735,539.5368927678181,116.78233337402344]},{"page":19,"text":"retrieving or publishing.","rect":[71.34800720214844,137.79335021972657,175.00886741447449,128.84693908691407]},{"page":19,"text":"A` lso note: When you change the password of the given user, you will also need to retrieve the new token","rect":[71.25700378417969,155.7263946533203,539.7486803029445,146.56080627441407]},{"page":19,"text":"which is based on it and update the baseurl in the Takserver.repo fle.","rect":[71.34800720214844,167.68141174316407,372.36789146232607,158.6254119873047]},{"page":19,"text":"`Save the Takserver.repo fle and then do the install of the takserver.","rect":[72.00000762939453,185.5048065185547,369.1943325147629,176.5583953857422]},{"page":19,"text":"s` udo yum install takserver-core-5.2-RELEASEx","rect":[72.0,203.77548217773438,302.13597400188447,195.30728149414063]},{"page":19,"text":"4` .3.3.3 Confguration","rect":[72.0,235.38052368164063,184.69692843818667,226.4141845703125]},{"page":19,"text":"C` onfgure database connection by updating /opt/tak/CoreConfg.xml:","rect":[72.0,253.80068969726563,378.74837914562229,243.84805297851563]},{"page":19,"text":"<repository enable=\"true\"","rect":[72.0,271.5144958496094,202.75955493450165,263.0562438964844]},{"page":19,"text":"insertionBatchSize=\"500\">","rect":[72.0,281.3076171875,202.75911242961883,275.01123046875]},{"page":19,"text":"numDbConnections=\"200\"","rect":[207.9899139404297,269.3526306152344,323.05797107219697,263.0562438964844]},{"page":19,"text":"primaryKeyBatchSize=\"500\"","rect":[328.2883605957031,271.5144958496094,459.04747302532197,263.0562438964844]},{"page":19,"text":"`<connection url=\"jdbc:postgresql://<Database_server_IP_address>:5432/cot\"","rect":[72.0,295.43450927734377,453.8166075468063,286.2489929199219]},{"page":19,"text":"username=\"martiuser\"","rect":[91.92499542236328,305.1688232421875,196.53230578899383,298.9222717285156]},{"page":19,"text":"password=\"Database_password\"/>","rect":[72.0,319.2757263183594,228.9109373807907,310.15997314453127]},{"page":19,"text":"</repository>","rect":[72.0,331.2904968261719,139.994753909111,322.1149597167969]},{"page":19,"text":"s` udo","rect":[72.0,354.0,92.9214583158493,346.8518371582031]},{"page":19,"text":"systemctl","rect":[98.15182495117188,355.20050048828127,145.22511584758758,346.8518371582031]},{"page":19,"text":"daemon-reload","rect":[150.45547485351563,354.0,218.45018298625946,346.8518371582031]},{"page":19,"text":"S` tart/stop TAK Server services with:","rect":[72.0,379.3306884765625,234.53982201671603,369.3780517578125]},{"page":19,"text":"`sudo","rect":[72.0,396.0,92.9214583158493,388.69482421875]},{"page":19,"text":"systemctl","rect":[98.15182495117188,397.0434875488281,145.22511584758758,388.69482421875]},{"page":19,"text":"[start|stop]","rect":[150.45547485351563,396.98370361328127,213.2198210477829,387.8679504394531]},{"page":19,"text":"takserver","rect":[218.45018005371095,396.0,265.5234556913376,388.69482421875]},{"page":19,"text":"`Or on resource limited hosts:","rect":[72.0,418.9022216796875,198.30584374523165,411.66937255859377]},{"page":19,"text":"`sudo","rect":[72.0,437.0,92.9214583158493,430.5388488769531]},{"page":19,"text":"systemctl","rect":[98.15182495117188,438.88751220703127,145.22511584758758,430.5388488769531]},{"page":19,"text":"[start|stop]","rect":[150.45547485351563,438.8277282714844,213.2198210477829,429.71197509765627]},{"page":19,"text":"takserver-noplugins","rect":[218.45018005371095,438.8974914550781,317.8270445585251,430.5388488769531]},{"page":19,"text":"`You can set TAK Server to start at boot by running","rect":[71.62100219726563,462.5783386230469,300.2327342033386,453.4028015136719]},{"page":19,"text":"`sudo","rect":[72.0,479.0,92.9214583158493,472.3818359375]},{"page":19,"text":"systemctl","rect":[98.15182495117188,480.7304992675781,145.22511584758758,472.3818359375]},{"page":19,"text":"enable","rect":[150.45599365234376,478.518798828125,181.8381834745407,472.3818359375]},{"page":19,"text":"takserver","rect":[187.06898498535157,478.518798828125,234.14227588176727,472.3818359375]},{"page":19,"text":"For secure operation, TAK Server requires a keystore and truststore (X.509 certifcates).","rect":[71.99998474121094,504.85968017578127,457.58245507335666,494.90704345703127]},{"page":19,"text":"N` ext, follow the instructions in Appendix B to create these certifcates. TAK Server by default is TLS only,","rect":[72.0,522.3443603515625,540.8846358897621,513.1787719726563]},{"page":19,"text":"`so certifcate generation, including an administrative certifcate is required for confguration.","rect":[72.0,534.309326171875,474.30965844249729,525.2433471679688]},{"page":19,"text":"`Verify that the steps in Appendix B have been followed by checking the following items:","rect":[71.62100219726563,552.2423706054688,456.22713891124729,543.0667724609375]},{"page":19,"text":"`Certifcates are present at:","rect":[72.0,570.0548095703125,187.46651879405978,561.1083984375]},{"page":19,"text":"/opt/tak/certs/files","rect":[72.0,588.2667236328125,176.60728747844696,579.1509399414063]},{"page":19,"text":"`The admin cert has been generated and an admin account in TAK Server was created with the command:","rect":[71.64099884033203,612.017333984375,535.0411953077316,602.8417358398438]},{"page":19,"text":"`sudo","rect":[72.0,629.0,92.9214583158493,621.8208618164063]},{"page":19,"text":"java","rect":[98.15182495117188,630.1695556640625,119.07329089641572,621.8806762695313]},{"page":19,"text":"-jar","rect":[124.30364990234375,630.1695556640625,145.22511584758758,621.8806762695313]},{"page":19,"text":"/opt/tak/utils/UserManager.jar","rect":[150.45547485351563,630.1795043945313,307.3663511991501,620.9939575195313]},{"page":19,"text":"certmod","rect":[312.5966796875,629.0,349.2092772245407,621.8208618164063]},{"page":19,"text":"-A","rect":[354.4396667480469,629.0,364.9004088163376,621.7012939453125]},{"page":19,"text":"/opt/tak/certs/files/admin.pem","rect":[370.13079833984377,630.1097412109375,527.0421324491501,620.9939575195313]},{"page":19,"text":"`Import this client certifcate into your browser.","rect":[72.0,653.851318359375,277.0800747022629,644.7953491210938]},{"page":19,"text":"I` f you are using Firefox, go to S` ettings","rect":[72.0,672.0224609375,241.86793811321258,662.7273559570313]},{"page":19,"text":"`View Certificates","rect":[72.0,681.8056030273438,160.91620166301727,675.50927734375]},{"page":19,"text":"`Go to Import. Upload this fle:","rect":[72.0,701.561767578125,207.3518795118332,692.6153564453125]},{"page":19,"text":"/opt/tak/certs/files/admin.p12","rect":[72.0,719.7737426757813,228.91090686321258,710.657958984375]},{"page":19,"text":"->","rect":[325.5537414550781,671.0,336.0144835233688,665.0]},{"page":19,"text":"Privacy","rect":[341.24481201171877,672.0125122070313,377.8573790311813,663.663818359375]},{"page":19,"text":"&","rect":[383.08770751953127,669.8505859375,388.3180723905563,663.5542602539063]},{"page":19,"text":"Security","rect":[393.5484619140625,672.0125122070313,435.39134509563447,663.5542602539063]},{"page":19,"text":"->","rect":[440.6217041015625,671.0,451.0824156522751,665.0]},{"page":19,"text":"Certificates","rect":[456.31280517578127,671.0,519.0772886991501,663.5542602539063]},{"page":19,"text":"->","rect":[524.3076782226563,671.0,534.7684508085251,665.0]},{"page":19,"text":"18","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":20,"text":"`Enter the certifcate","rect":[72.0,82.06257629394531,159.25243481826784,74.93931579589844]},{"page":20,"text":"Browse to:","rect":[71.99998474121094,99.99458312988281,118.11686364269257,93.09049987792969]},{"page":20,"text":"password.","rect":[162.5799560546875,83.88573455810547,205.0206264600754,75.04890441894531]},{"page":20,"text":"The","rect":[209.44403076171876,82.0,226.58965405654909,75.04890441894531]},{"page":20,"text":"default","rect":[229.90721130371095,82.06257629394531,260.03409832382206,74.93931579589844]},{"page":20,"text":"password","rect":[263.3516540527344,83.88573455810547,303.04260956287387,75.04890441894531]},{"page":20,"text":"is","rect":[306.36016845703127,82.0,313.0450763149261,75.41752624511719]},{"page":20,"text":"atakatak","rect":[316.6099853515625,82.01276397705078,358.4528990507126,75.87580108642578]},{"page":20,"text":"https://localhost:8443","rect":[72.0,120.02973937988281,187.06801135540008,110.91395568847656]},{"page":20,"text":"S` elect the admin certifcate to log in.","rect":[72.0,143.78030395507813,233.46384850597384,134.71434020996095]},{"page":20,"text":"`An error message similar to this indicates that the correct client certifcate has not been imported into the","rect":[71.6209945678711,161.71334838867188,539.4955281040013,152.5377960205078]},{"page":20,"text":"`browser:","rect":[72.0,171.72560119628907,108.3236354932785,164.71192932128907]},{"page":20,"text":"`Once logged in with the admin certifcate, confgure the TAK Server with the following instructions:","rect":[72.0,422.8262939453125,509.5971645460129,413.6507568359375]},{"page":20,"text":"`Confgure TAK Server to connect to the database. Access the Database confguration settings:","rect":[72.0,440.70953369140627,539.6154845583166,431.7431945800781]},{"page":20,"text":"`Edit the database connection address, specifying the hostname or IP address of the database","rect":[72.0,700.052490234375,539.691210437359,691.086181640625]},{"page":20,"text":"s` erver:","rect":[72.0,710.0648193359375,105.34481736850739,705.501953125]},{"page":20,"text":"19","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":21,"text":"R` estart TAK Server","rect":[72.0,243.03663635253907,173.8376911535263,235.98312377929688]},{"page":21,"text":"`sudo","rect":[72.0,262.0,92.9214583158493,254.78285217285157]},{"page":21,"text":"systemctl","rect":[98.15182495117188,263.1315002441406,145.22511584758758,254.78285217285157]},{"page":21,"text":"restart","rect":[150.45547485351563,262.0,187.06801135540008,255.3507080078125]},{"page":21,"text":"takserver","rect":[192.29837036132813,262.0,239.3716307401657,254.78285217285157]},{"page":21,"text":"O` r on resource limited hosts","rect":[72.0,284.879638671875,214.98324201488496,277.8360595703125]},{"page":21,"text":"s` udo","rect":[72.0,303.0,92.9214583158493,296.6258544921875]},{"page":21,"text":"systemctl","rect":[98.15182495117188,304.9745178222656,145.22511584758758,296.6258544921875]},{"page":21,"text":"restart","rect":[150.45547485351563,303.0,187.06801135540008,297.1937255859375]},{"page":21,"text":"takserver-noplugins","rect":[192.29837036132813,304.9844970703125,291.6752501249313,296.6258544921875]},{"page":21,"text":"I` f you would like to confgure TLS for Postgres","rect":[72.0,328.61553955078127,308.4324302473068,319.6492004394531]},{"page":21,"text":"database","rect":[312.24810791015627,327.0,355.88429275608066,319.708984375]},{"page":21,"text":"connection,","rect":[359.699951171875,327.0,416.466796128273,319.79864501953127]},{"page":21,"text":"refer","rect":[420.2924499511719,327.0,443.714567984581,319.6492004394531]},{"page":21,"text":"to","rect":[447.5302429199219,327.0,457.7120153665543,320.2967529296875]},{"page":21,"text":"Appendix","rect":[461.5276794433594,328.5458068847656,510.4042011270523,319.66912841796877]},{"page":21,"text":"D.","rect":[514.2198486328125,327.0,526.1750175638199,319.7886657714844]},{"page":21,"text":"`4.4 Use Setup Wizard to Confgure TAK Server","rect":[72.0,356.903076171875,363.5873819580078,346.14337158203127]},{"page":21,"text":"The TAK Server confguration wizard will help you set up common confguration options once you have","rect":[71.64099884033203,374.9433288574219,539.6042693189355,365.7677917480469]},{"page":21,"text":"`installed and started TAK Server. The wizard will guide you through the setup process for a secure","rect":[72.0,386.8983154296875,539.5568450025293,377.7227783203125]},{"page":21,"text":"`confguration, using the default ports that ATAK and WinTAK will connect to.","rect":[72.0,398.85333251953127,420.25262108898166,389.67779541015627]},{"page":21,"text":"O` nce you have created your adminstrative login credentials as in the previous section, go to:","rect":[72.0,416.7863464355469,475.2062954053879,407.72039794921877]},{"page":21,"text":"`https://localhost:8443/setup/ (Recommended. Uses the more secure client certifcate)","rect":[72.0,435.1576843261719,447.4406534996033,425.2050476074219]},{"page":21,"text":"`Then follow the prompts to begin confguring. The wizard will frst walk you through recommended security","rect":[71.64099884033203,452.6513366699219,539.9219657516925,443.58538818359377]},{"page":21,"text":"confguration:","rect":[72.0,464.6073303222656,131.7457241163254,455.5413818359375]},{"page":21,"text":"20","rect":[301.01898193359377,750.09716796875,310.9815745353699,743.2528686523438]},{"page":22,"text":"NOTE: Insecure ports are a potential security risk and may allow attackers to gain access to the system","rect":[71.44000244140625,472.4723815917969,539.6979846771537,463.4163818359375]},{"page":22,"text":"resulting in the disclosure of personal and sensitive information. Use of unencrypted ports should be avoided","rect":[71.34800720214844,484.4283752441406,539.3989413753485,475.37237548828127]},{"page":22,"text":"to ensure a secure TAK Server deployment.","rect":[71.23599243164063,496.38336181640627,261.3423177318573,487.2177734375]},{"page":22,"text":"`Followed by the recommended federation confguration, if you wish to set up your TAK Server to support","rect":[72.0,514.3262939453125,539.8186330360132,505.1507263183594]},{"page":22,"text":"`federation. (For more information on federation, go to section 8):","rect":[72.0,526.7197265625,356.82073632335666,516.76708984375]},{"page":22,"text":"21","rect":[301.01898193359377,749.8880004882813,310.9815745353699,743.2529296875]},{"page":23,"text":"`5 Upgrade Existing TAK Server Installation","rect":[72.0,478.6692199707031,395.1768547296524,465.7576599121094]},{"page":23,"text":"5` .1 Overview","rect":[72.0,499.7454833984375,157.7068291015625,491.2692565917969]},{"page":23,"text":"F` ollow this procedure to upgrade a system running TAK Server.","rect":[72.0,520.0453491210938,352.53683129405979,510.8697814941406]},{"page":23,"text":"`5.2 Single-Server Upgrade","rect":[72.0,548.2550659179688,234.41139904785158,537.519287109375]},{"page":23,"text":"`5.2.1 Rocky Linux8","rect":[72.0,566.2355346679688,180.3631994485855,557.3389282226563]},{"page":23,"text":"`Install EPEL (EPEL provides certain dependencies required by PostgreSQL.) Install postgres yum repository.","rect":[72.0,585.1226806640625,541.4217325381974,575.1700439453125]},{"page":23,"text":"I` nstall java 17. Disable the postgresql module (so the later postgresql and postgis specifc versions aren’t","rect":[72.0,597.0787353515625,539.7805059245779,587.1260986328125]},{"page":23,"text":"`inaccessible due to ‘modular fltering’). Enable PowerTools (needed for dependencies of postgis.) Install TAK","rect":[72.0,609.03369140625,539.9083869815816,599.0810546875]},{"page":23,"text":"s` erver.","rect":[72.0,618.6076049804688,100.29378167247772,614.0447387695313]},{"page":23,"text":"s` udo","rect":[72.0,637.0,92.9214583158493,630.289794921875]},{"page":23,"text":"dnf","rect":[98.15182495117188,637.0,113.84292132854462,630.2300415039063]},{"page":23,"text":"install","rect":[119.07328796386719,637.0,155.6858397245407,630.289794921875]},{"page":23,"text":"epel-release","rect":[160.91619873046876,638.5786743164063,223.680544924736,630.289794921875]},{"page":23,"text":"-y","rect":[228.91090393066407,638.6384887695313,239.3716307401657,632.0]},{"page":23,"text":"s` udo dnf install -y","rect":[72.0,650.5935668945313,171.3769255399704,642.1851196289063]},{"page":23,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,662.5595092773438,609.7315855741501,653.3739624023438]},{"page":23,"text":"s` udo dnf -qy module disable postgresql && sudo dnf update -y","rect":[72.0,674.5144653320313,385.8219176054001,666.0462646484375]},{"page":23,"text":"s` udo","rect":[72.0,685.0,92.9214583158493,678.11083984375]},{"page":23,"text":"dnf","rect":[98.15182495117188,685.0,113.84292132854462,678.0510864257813]},{"page":23,"text":"install","rect":[119.07328796386719,685.0,155.6858397245407,678.11083984375]},{"page":23,"text":"java-17-openjdk-devel","rect":[160.91619873046876,686.4595336914063,270.7538023710251,677.9514770507813]},{"page":23,"text":"-y","rect":[275.9841613769531,686.4595336914063,286.4449034452438,679.0]},{"page":23,"text":"s` udo","rect":[72.0,697.0,92.9214583158493,690.0658569335938]},{"page":23,"text":"dnf","rect":[98.15182495117188,697.0,113.84292132854462,690.006103515625]},{"page":23,"text":"config-manager","rect":[119.07328796386719,698.4244995117188,192.29837329387665,690.006103515625]},{"page":23,"text":"--set-enabled","rect":[197.5287322998047,697.0,265.52391345500947,690.0658569335938]},{"page":23,"text":"powertools","rect":[270.7542724609375,698.354736328125,323.0579100370407,690.0658569335938]},{"page":23,"text":"Upgrade Tak server","rect":[71.99996948242188,722.0423583984375,157.57869559574128,713.0859375]},{"page":23,"text":"22","rect":[301.01898193359377,749.8880004882813,310.9815745353699,743.2529296875]},{"page":24,"text":"`sudo dnf install takserver-5.1-RELEASEx.noarch.rpm","rect":[72.0,84.16468811035156,333.5181456327438,75.7562484741211]},{"page":24,"text":"--setopt=clean_requirements_on_remove=false -y","rect":[91.92499542236328,96.17948150634766,332.5227232694626,87.77104187011719]},{"page":24,"text":"Check Java version:","rect":[71.99998474121094,117.30015563964844,157.91744652843478,110.06730651855469]},{"page":24,"text":"`java -version","rect":[72.0,136.54849243164063,139.994753909111,128.25961303710938]},{"page":24,"text":"`This should tell you have 17.x.y. If the command tells you your","rect":[71.64099884033203,159.4923858642578,347.800998579633,150.43638610839845]},{"page":24,"text":"`the alternatives command to change it:","rect":[72.0,171.45828247070313,242.65932885265353,162.5019073486328]},{"page":24,"text":"`sudo","rect":[72.0,187.0,92.9214583158493,180.5238800048828]},{"page":24,"text":"alternatives","rect":[98.15182495117188,187.0,160.91620166301727,180.5238800048828]},{"page":24,"text":"--config","rect":[166.1465606689453,188.8824920654297,207.98945910930633,180.46409606933595]},{"page":24,"text":"java","rect":[213.21981811523438,188.87252807617188,234.14126880168915,180.58364868164063]},{"page":24,"text":"Java","rect":[351.10528564453127,158.0,370.52408826032538,150.6555633544922]},{"page":24,"text":"version","rect":[373.828369140625,158.0,404.19197081808229,150.9145965576172]},{"page":24,"text":"is","rect":[407.5061950683594,158.0,414.1643544739411,150.9145965576172]},{"page":24,"text":"not","rect":[417.4785461425781,158.0,431.79707872048126,151.33302307128907]},{"page":24,"text":"17.x.y,","rect":[435.11126708984377,159.4923858642578,462.90491258420857,150.72531127929688]},{"page":24,"text":"then","rect":[466.2191162109375,158.0,485.48908995870729,150.5459747314453]},{"page":24,"text":"you","rect":[488.7933349609375,159.4923858642578,504.22319030050417,152.0]},{"page":24,"text":"can","rect":[507.5274658203125,158.0,522.4016570973791,152.0]},{"page":24,"text":"use","rect":[525.7158813476563,158.0,539.5382690372783,152.0]},{"page":24,"text":"`5.2.2 RHEL8","rect":[72.0,217.53065490722657,148.50280210971833,210.5966796875]},{"page":24,"text":"`Setup the extra postgres yum repo for the latest postgres and postgis. Install Java 17. Disable the postgresql","rect":[72.0,237.86233520507813,539.5275674991349,228.79637145996095]},{"page":24,"text":"s` tream to install the specifc postgres version we depend on. Install TAK Server RPM database and its","rect":[72.0,249.81729125976563,539.5568090651843,240.64173889160157]},{"page":24,"text":"d` ependencies.","rect":[72.0,261.65277099609377,131.47671166515353,252.81593322753907]},{"page":24,"text":"s` udo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm","rect":[72.0,279.19744873046877,527.0421324491501,270.0119323730469]},{"page":24,"text":"-y","rect":[91.92499542236328,291.1424865722656,102.38572223186493,284.58709716796877]},{"page":24,"text":"s` udo dnf install","rect":[72.0,300.88580322265627,155.6858397245407,294.6890869140625]},{"page":24,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,315.0624694824219,609.7315855741501,305.876953125]},{"page":24,"text":"-y","rect":[91.92499542236328,327.0085144042969,102.38572223186493,320.453125]},{"page":24,"text":"`sudo dnf","rect":[72.0,337.0,113.84292132854462,330.5550842285156]},{"page":24,"text":"update","rect":[119.07328796386719,338.9037170410156,150.45547778606415,330.6148376464844]},{"page":24,"text":"-y","rect":[155.6858367919922,338.9635009765625,166.14656360149383,332.0]},{"page":24,"text":"&&","rect":[171.37692260742188,336.8016357421875,181.8376494169235,330.5052490234375]},{"page":24,"text":"sudo","rect":[187.06800842285157,337.0,207.98945910930633,330.6148376464844]},{"page":24,"text":"dnf","rect":[213.21981811523438,337.0,228.91090686321258,330.5550842285156]},{"page":24,"text":"install","rect":[234.14126586914063,337.0,270.7538023710251,330.6148376464844]},{"page":24,"text":"java-17-openjdk-devel","rect":[275.9841613769531,338.9635009765625,385.8219176054001,330.4554443359375]},{"page":24,"text":"-y","rect":[391.05230712890627,338.9635009765625,401.51304919719697,332.0]},{"page":24,"text":"`sudo dnf module disable postgresql","rect":[72.0,350.9284973144531,249.83235461711883,342.5101013183594]},{"page":24,"text":"`sudo","rect":[72.0,361.0,92.9214583158493,354.5248718261719]},{"page":24,"text":"subscription-manager","rect":[98.15182495117188,362.8835144042969,202.75909717082977,354.5248718261719]},{"page":24,"text":"config","rect":[207.9894561767578,362.8835144042969,239.3716307401657,354.4651184082031]},{"page":24,"text":"--rhsm.manage_repos=1","rect":[244.60198974609376,362.8835144042969,354.4396544218063,354.415283203125]},{"page":24,"text":"`sudo","rect":[72.0,373.0,92.9214583158493,366.4798583984375]},{"page":24,"text":"subscription-manager","rect":[98.15182495117188,374.8385009765625,202.75909717082977,366.4798583984375]},{"page":24,"text":"repos","rect":[207.9894561767578,374.76873779296877,234.14126880168915,368.0]},{"page":24,"text":"--enable","rect":[239.3716278076172,373.0,281.21519763469697,366.4798583984375]},{"page":24,"text":"codeready-builder-for-rhel-8-x86_64-rpms","rect":[286.4460144042969,374.8285217285156,495.6609678983688,366.3603210449219]},{"page":24,"text":"Note: If you get the error ‘This system has no repositories available through subscriptions’, you need to","rect":[71.44000244140625,397.77337646484377,539.6674375921652,388.7173767089844]},{"page":24,"text":"subscribe your system with:","rect":[71.47000122070313,409.7283935546875,190.25409141349793,400.781982421875]},{"page":24,"text":"`sudo subscription-manager","rect":[72.0,427.1634826660156,202.75909717082977,418.8048400878906]},{"page":24,"text":"--auto-attach","rect":[91.92499542236328,436.8968200683594,159.91974170207977,430.7598571777344]},{"page":24,"text":"register","rect":[207.9894561767578,427.1634826660156,249.83235461711883,418.8646240234375]},{"page":24,"text":"--username","rect":[255.06271362304688,426.0,307.3663511991501,420.0]},{"page":24,"text":"<your_username>","rect":[312.5966796875,427.15350341796877,391.0522948026657,420.0]},{"page":24,"text":"--password","rect":[396.2826843261719,427.0937194824219,448.5864439725876,418.8048400878906]},{"page":24,"text":"<your_password>","rect":[453.81683349609377,427.15350341796877,532.2724791288376,418.8048400878906]},{"page":24,"text":"`Upgrade Tak server","rect":[72.0,462.0623474121094,157.5787261133194,453.1059875488281]},{"page":24,"text":"s` udo dnf install takserver-5.1-RELEASEx.noarch.rpm","rect":[72.0,479.417724609375,333.5181456327438,471.0093078613281]},{"page":24,"text":"--setopt=clean_requirements_on_remove=false -y","rect":[91.92499542236328,491.4325256347656,332.5227232694626,483.02410888671877]},{"page":24,"text":"Check Java version:","rect":[71.99998474121094,512.5542602539063,157.91744652843478,505.3214111328125]},{"page":24,"text":"`java -version","rect":[72.0,531.8015747070313,139.994753909111,523.5126953125]},{"page":24,"text":"T` his should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,554.746337890625,539.5382690372783,545.6903686523438]},{"page":24,"text":"t` he alternatives command to change it:","rect":[72.0,566.7113647460938,242.65932885265353,557.7549438476563]},{"page":24,"text":"s` udo","rect":[72.0,583.0,92.9214583158493,575.77783203125]},{"page":24,"text":"alternatives","rect":[98.15182495117188,583.0,160.91620166301727,575.77783203125]},{"page":24,"text":"--config","rect":[166.1465606689453,584.136474609375,207.98945910930633,575.7180786132813]},{"page":24,"text":"java","rect":[213.21981811523438,584.1265258789063,234.14126880168915,575.837646484375]},{"page":24,"text":"`5.2.3 RHEL7","rect":[72.0,612.7835693359375,148.50280210971833,605.849609375]},{"page":24,"text":"`If you have not previously done so, install EPEL (EPEL provides certain dependencies required by PostgreSQL.)","rect":[72.0,633.5537109375,540.6602493168161,623.60107421875]},{"page":24,"text":"I` nstall postgres yum repository (required in order to install up-to-date Postgresql and PostGIS packages.)","rect":[72.0,645.5087280273438,540.6725554526116,635.5560913085938]},{"page":24,"text":"I` nstall OpenJDK 17 and other dependencies. Upgrade TAK server","rect":[72.0,657.0263671875,363.1370452051163,647.8507690429688]},{"page":24,"text":"s` udo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm","rect":[72.0,674.4505004882813,527.0421324491501,665.2649536132813]},{"page":24,"text":"-y","rect":[91.92499542236328,686.3965454101563,102.38572223186493,679.8411254882813]},{"page":24,"text":"`sudo yum install","rect":[72.0,698.3515014648438,155.6858397245407,690.0028076171875]},{"page":24,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,710.3164672851563,609.7315855741501,701.1309204101563]},{"page":24,"text":"-y","rect":[91.92499542236328,722.2615356445313,102.38572223186493,715.7061157226563]},{"page":24,"text":"23","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":25,"text":"`sudo","rect":[72.0,83.0,92.9214583158493,75.87580108642578]},{"page":25,"text":"yum","rect":[98.15182495117188,84.2244644165039,113.84292132854462,77.0]},{"page":25,"text":"install","rect":[119.07328796386719,83.0,155.6858397245407,75.87580108642578]},{"page":25,"text":"-y","rect":[160.91619873046876,84.2244644165039,171.3769255399704,77.0]},{"page":25,"text":"postgis33_15","rect":[176.60728454589845,84.23442077636719,239.3716307401657,75.7662124633789]},{"page":25,"text":"postgis33_15-utils","rect":[244.60198974609376,84.23442077636719,338.74852283000947,75.7662124633789]},{"page":25,"text":"s` udo","rect":[72.0,95.0,92.9214583158493,87.83081817626953]},{"page":25,"text":"yum","rect":[98.15182495117188,96.17948150634766,113.84292132854462,89.0]},{"page":25,"text":"install","rect":[119.07328796386719,95.0,155.6858397245407,87.83081817626953]},{"page":25,"text":"-y","rect":[160.91619873046876,96.17948150634766,171.3769255399704,89.0]},{"page":25,"text":"postgresql15-server","rect":[176.60728454589845,96.18943786621094,275.9841490507126,87.72122955322266]},{"page":25,"text":"postgresql15-contrib","rect":[281.21453857421877,96.18943786621094,385.8219176054001,87.72122955322266]},{"page":25,"text":"s` udo yum install -y https://download.oracle.com/java/17/latest/jdk-17_linux-x64_bin.rpm","rect":[72.0,108.1344985961914,527.0421324491501,98.95893859863281]},{"page":25,"text":"`sudo","rect":[72.0,119.0,92.9214583158493,111.74085235595703]},{"page":25,"text":"rpm","rect":[98.15182495117188,120.02973937988281,113.84292132854462,113.0]},{"page":25,"text":"-Uvh","rect":[119.07328796386719,119.0,139.994753909111,111.74085235595703]},{"page":25,"text":"takserver-5.1-RELEASEx.noarch.rpm","rect":[145.22511291503907,120.02973937988281,317.8270445585251,111.62129974365235]},{"page":25,"text":"--nodeps","rect":[323.05743408203127,120.02973937988281,364.9004088163376,111.74085235595703]},{"page":25,"text":"N` ote that the yum package manager does not currently support JDK 17 on Centos 7 and RHEL 7. By","rect":[72.0,142.54928588867188,540.0141092483656,133.4833221435547]},{"page":25,"text":"i` nstalling the package manually, you will be responsible for future security updates. For a safer long-term","rect":[72.0,154.50430297851563,539.49894663417,145.43833923339845]},{"page":25,"text":"s` olution, we recommend that you update your OS to RHEL 8 or Rocky Linux 8.","rect":[72.0,166.45033264160157,423.7294887647629,157.3943328857422]},{"page":25,"text":"`Check Java version:","rect":[72.0,182.55918884277345,157.91746178722384,175.3263397216797]},{"page":25,"text":"j` ava -version","rect":[72.0,201.31350708007813,139.994753909111,193.02462768554688]},{"page":25,"text":"`This should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,223.7633819580078,539.5382690372783,214.70738220214845]},{"page":25,"text":"`the alternatives command to change it:","rect":[72.0,235.72830200195313,242.65932885265353,226.7719268798828]},{"page":25,"text":"s` udo","rect":[72.0,251.0,92.9214583158493,244.3008575439453]},{"page":25,"text":"alternatives","rect":[98.15182495117188,251.0,160.91620166301727,244.3008575439453]},{"page":25,"text":"--config","rect":[166.1465606689453,252.6594696044922,207.98945910930633,244.24107360839845]},{"page":25,"text":"java","rect":[213.21981811523438,252.64950561523438,234.14126880168915,244.36062622070313]},{"page":25,"text":"`5.2.4 Ubuntu and Raspberry Pi OS","rect":[72.0,282.4825439453125,257.30435031318668,273.5560607910156]},{"page":25,"text":"U` pgrade Tak server","rect":[72.0,300.93133544921877,157.5787261133194,291.9749755859375]},{"page":25,"text":"s` udo apt install ./takserver-5.1-RELEASEx_all.deb","rect":[72.0,317.792724609375,328.2877989530563,308.6769714355469]},{"page":25,"text":"`Check Java version:","rect":[72.0,338.479248046875,157.91746178722384,331.24639892578127]},{"page":25,"text":"j` ava -version","rect":[72.0,357.2335205078125,139.994753909111,348.94464111328127]},{"page":25,"text":"T` his should tell you have 17.x.y. If the command tells you your","rect":[71.64099884033203,379.6833801269531,347.800998579633,370.62738037109377]},{"page":25,"text":"t` he alternatives command to change it:","rect":[72.0,391.6483459472656,242.65932885265353,382.6919860839844]},{"page":25,"text":"`sudo","rect":[72.0,407.0,92.9214583158493,400.2208251953125]},{"page":25,"text":"alternatives","rect":[98.15182495117188,407.0,160.91620166301727,400.2208251953125]},{"page":25,"text":"--config","rect":[166.1465606689453,408.5794677734375,207.98945910930633,400.16107177734377]},{"page":25,"text":"java","rect":[213.21981811523438,408.5694885253906,234.14126880168915,400.2806091308594]},{"page":25,"text":"Java","rect":[351.10528564453127,378.0,370.52408826032538,370.8465576171875]},{"page":25,"text":"version","rect":[373.828369140625,378.0,404.19197081808229,371.1055603027344]},{"page":25,"text":"is","rect":[407.5061950683594,378.0,414.1643544739411,371.1055603027344]},{"page":25,"text":"not","rect":[417.4785461425781,378.0,431.79707872048126,371.52398681640627]},{"page":25,"text":"17.x.y,","rect":[435.11126708984377,379.6833801269531,462.90491258420857,370.9162902832031]},{"page":25,"text":"then","rect":[466.2191162109375,378.0,485.48908995870729,370.7369689941406]},{"page":25,"text":"you","rect":[488.7933349609375,379.6833801269531,504.22319030050417,372.0]},{"page":25,"text":"can","rect":[507.5274658203125,378.0,522.4016570973791,372.0]},{"page":25,"text":"use","rect":[525.7158813476563,378.0,539.5382690372783,372.0]},{"page":25,"text":"`5.2.5 Centos 7","rect":[72.0,436.5196228027344,150.79419920444489,429.4760437011719]},{"page":25,"text":"`If you have not previously done so, install EPEL (EPEL provides certain dependencies required by PostgreSQL.)","rect":[72.0,457.2896728515625,540.6602493168161,447.3370361328125]},{"page":25,"text":"I` nstall postgres yum repository (required in order to install up-to-date Postgresql and PostGIS packages.)","rect":[72.0,469.2446594238281,540.6725554526116,459.2920227050781]},{"page":25,"text":"`Install OpenJDK 17 and other dependencies. Upgrade Tak server.","rect":[72.0,480.7613220214844,360.91537133312229,471.69537353515627]},{"page":25,"text":"s` udo","rect":[72.0,496.0,92.9214583158493,489.3338317871094]},{"page":25,"text":"yum","rect":[98.15182495117188,497.6824951171875,113.84292132854462,491.0]},{"page":25,"text":"install","rect":[119.07328796386719,496.0,155.6858397245407,489.3338317871094]},{"page":25,"text":"epel-release","rect":[160.91619873046876,497.6227111816406,223.680544924736,489.3338317871094]},{"page":25,"text":"-y","rect":[228.91090393066407,497.6824951171875,239.3716307401657,491.0]},{"page":25,"text":"`sudo yum install","rect":[72.0,509.63751220703127,155.6858397245407,501.2888488769531]},{"page":25,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,521.6024780273438,609.7315855741501,512.4169311523438]},{"page":25,"text":"-y","rect":[91.92499542236328,533.5485229492188,102.38572223186493,526.9931030273438]},{"page":25,"text":"s` udo yum","rect":[72.0,545.5035400390625,113.84292132854462,537.1548461914063]},{"page":25,"text":"`sudo yum","rect":[72.0,557.4585571289063,113.84292132854462,549.10986328125]},{"page":25,"text":"`sudo yum","rect":[72.0,569.4135131835938,113.84292132854462,561.0648193359375]},{"page":25,"text":"`sudo rpm","rect":[72.0,581.3087158203125,113.84292132854462,573.0198364257813]},{"page":25,"text":"install","rect":[119.07328796386719,544.0,155.6858397245407,537.1548461914063]},{"page":25,"text":"-y","rect":[160.91619873046876,545.5035400390625,171.3769255399704,538.9481201171875]},{"page":25,"text":"postgis33_15","rect":[176.60728454589845,545.5134887695313,239.3716307401657,537.0452880859375]},{"page":25,"text":"postgis33_15-utils","rect":[244.60198974609376,545.5134887695313,338.74852283000947,537.0452880859375]},{"page":25,"text":"install","rect":[119.07328796386719,556.0,155.6858397245407,549.10986328125]},{"page":25,"text":"-y","rect":[160.91619873046876,557.4585571289063,171.3769255399704,550.9031372070313]},{"page":25,"text":"postgresql15-server","rect":[176.60728454589845,557.468505859375,275.9841490507126,549.0003051757813]},{"page":25,"text":"postgresql15-contrib","rect":[281.21453857421877,557.468505859375,385.8219176054001,549.0003051757813]},{"page":25,"text":"install -y https://download.oracle.com/java/17/latest/jdk-17_linux-x64_bin.rpm","rect":[119.07328796386719,569.4135131835938,527.0421324491501,560.2379150390625]},{"page":25,"text":"-Uvh takserver-5.1-RELEASEx.noarch.rpm --nodeps","rect":[119.07328796386719,581.3087158203125,364.9004088163376,572.9002685546875]},{"page":25,"text":"`Note that the yum package manager does not currently support JDK 17 on Centos 7 and RHEL 7. By","rect":[72.0,603.828369140625,540.0141092483656,594.7623901367188]},{"page":25,"text":"`installing the package manually, you will be responsible for future security updates. For a safer long-term","rect":[72.0,615.7843627929688,539.49894663417,606.7183837890625]},{"page":25,"text":"s` olution, we recommend that you update your OS to RHEL 8 or Rocky Linux 8.","rect":[72.0,627.7293701171875,423.7294887647629,618.6734008789063]},{"page":25,"text":"`Check Java version:","rect":[72.0,643.8382568359375,157.91746178722384,636.6054077148438]},{"page":25,"text":"`java -version","rect":[72.0,662.592529296875,139.994753909111,654.3036499023438]},{"page":25,"text":"T` his should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,685.0423583984375,539.5382690372783,675.9863891601563]},{"page":25,"text":"`the alternatives command to change it:","rect":[72.0,697.0073852539063,242.65932885265353,688.0509643554688]},{"page":25,"text":"`sudo","rect":[72.0,712.0,92.9214583158493,705.579833984375]},{"page":25,"text":"alternatives","rect":[98.15182495117188,712.0,160.91620166301727,705.579833984375]},{"page":25,"text":"--config","rect":[166.1465606689453,713.9384765625,207.98945910930633,705.5200805664063]},{"page":25,"text":"java","rect":[213.21981811523438,713.9285278320313,234.14126880168915,705.6396484375]},{"page":25,"text":"24","rect":[301.01898193359377,749.8880004882813,310.9815745353699,743.143310546875]},{"page":26,"text":"5` .3 Two-Server Upgrade","rect":[72.0,84.35398864746094,223.43651501464846,73.61822509765625]},{"page":26,"text":"5` .3.1 Rocky Linux8","rect":[72.0,102.33448791503906,180.3631994485855,93.43788146972656]},{"page":26,"text":"`Upgrade the two TAK Server packages on the servers on","rect":[72.0,120.78324127197266,319.23181854724887,111.60768127441406]},{"page":26,"text":"F` irst, on the core server, install Java 17 and upgrade the","rect":[72.0,138.71621704101563,320.0088740272522,129.7598419189453]},{"page":26,"text":"`sudo","rect":[72.0,155.0,92.9214583158493,148.5198516845703]},{"page":26,"text":"`sudo","rect":[72.0,167.0,92.9214583158493,160.4748077392578]},{"page":26,"text":"which they are","rect":[322.54937744140627,120.77327728271485,386.7184687538147,111.82685852050781]},{"page":26,"text":"core package:","rect":[323.326416015625,138.71621704101563,381.4283413038254,129.7598419189453]},{"page":26,"text":"installed.","rect":[390.0360107421875,119.0,429.3284877882004,111.82685852050781]},{"page":26,"text":"`Next, on the database server, upgrade the database. Setup the extra postgres yum repo for the latest postgres","rect":[72.0,192.51431274414063,539.5275452248243,183.44834899902345]},{"page":26,"text":"a` nd postgis. Disable the postgresql stream to install the specifc postgres version we depend on. Install","rect":[72.0,204.46932983398438,539.5162488975784,195.4033660888672]},{"page":26,"text":"Java 17. Enable the ‘powertools’ repo for postgis dependencies. Install TAK Server RPM database and its","rect":[71.74099731445313,216.42532348632813,539.5588201351028,207.24977111816407]},{"page":26,"text":"d` ependencies.","rect":[72.0,228.2607879638672,131.47671166515353,219.42396545410157]},{"page":26,"text":"s` udo","rect":[72.0,245.0,92.9214583158493,238.1828155517578]},{"page":26,"text":"s` udo","rect":[72.0,256.2757568359375,92.9214583158493,250.13880920410157]},{"page":26,"text":"dnf","rect":[98.15182495117188,245.0,113.84292132854462,238.12303161621095]},{"page":26,"text":"dnf","rect":[98.15182495117188,256.2757568359375,113.84292132854462,250.0790252685547]},{"page":26,"text":"install","rect":[119.07328796386719,245.0,155.6858397245407,238.1828155517578]},{"page":26,"text":"install","rect":[119.07328796386719,256.2757568359375,155.6858397245407,250.13880920410157]},{"page":26,"text":"epel-release","rect":[160.91619873046876,246.47169494628907,223.680544924736,238.1828155517578]},{"page":26,"text":"-y","rect":[228.91090393066407,246.53146362304688,239.3716307401657,239.97607421875]},{"page":26,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,270.4525146484375,609.7315855741501,261.2669982910156]},{"page":26,"text":"-y","rect":[91.92499542236328,282.39752197265627,102.38572223186493,275.8421325683594]},{"page":26,"text":"s` udo dnf","rect":[72.0,293.0,113.84292132854462,285.944091796875]},{"page":26,"text":"s` udo dnf","rect":[72.0,305.0,113.84292132854462,297.89910888671877]},{"page":26,"text":"s` udo dnf","rect":[72.0,317.0,113.84292132854462,309.8540954589844]},{"page":26,"text":"s` udo dnf","rect":[72.0,329.0,113.84292132854462,321.8100891113281]},{"page":26,"text":"update -y","rect":[119.07328796386719,294.3525085449219,166.14656360149383,286.00384521484377]},{"page":26,"text":"module disable postgresql","rect":[119.07328796386719,306.3175048828125,249.83235461711883,297.9588623046875]},{"page":26,"text":"install","rect":[119.07328796386719,317.0,155.6858397245407,309.9138488769531]},{"page":26,"text":"java-17-openjdk-devel","rect":[160.91619873046876,318.26251220703127,270.7538023710251,309.75445556640627]},{"page":26,"text":"-y","rect":[275.9841613769531,318.26251220703127,286.4449034452438,311.0]},{"page":26,"text":"config-manager --set-enabled powertools","rect":[119.07328796386719,330.2284851074219,323.0579100370407,321.8100891113281]},{"page":26,"text":"Make sure the database RPM is in the current directory","rect":[71.99996948242188,353.8993835449219,317.5182954416275,344.9529724121094]},{"page":26,"text":"s` udo dnf install takserver-database-5.1-RELEASE-x.noarch.rpm","rect":[72.0,372.001708984375,385.8219176054001,363.5932922363281]},{"page":26,"text":"--setopt=clean_requirements_on_remove=false -y","rect":[91.92499542236328,384.0164794921875,332.5227232694626,375.6080627441406]},{"page":26,"text":"T` his command will make a copy of your existing Postgresql database and update it to version 15. If there is","rect":[71.64099884033203,407.70733642578127,539.5702578705614,398.6413879394531]},{"page":26,"text":"a` n issue with the upgraded database, you can fall back to the copy of the previous version. If the upgrade","rect":[72.0,419.662353515625,539.549594983519,410.5964050292969]},{"page":26,"text":"s` ucceeds, there will be a delete_old_cluster.sh script automatically created that you can run to safely remove","rect":[72.0,431.6083984375,539.4983786379127,422.5523986816406]},{"page":26,"text":"t` he previous version’s data copy.","rect":[72.0,443.5633850097656,213.75783959484103,434.6169738769531]},{"page":26,"text":"C` heck Java version in both servers","rect":[72.0,459.6722412109375,223.05293459129335,452.43939208984377]},{"page":26,"text":"j` ava -version","rect":[72.0,479.6575012207031,139.994753909111,471.3686218261719]},{"page":26,"text":"`This should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,503.3393859863281,539.5382690372783,494.28338623046877]},{"page":26,"text":"t` he alternatives command to change it:","rect":[72.0,515.3043212890625,242.65932885265353,506.3479309082031]},{"page":26,"text":"s` udo","rect":[72.0,532.0,92.9214583158493,525.1068115234375]},{"page":26,"text":"alternatives","rect":[98.15182495117188,532.0,160.91620166301727,525.1068115234375]},{"page":26,"text":"--config","rect":[166.1465606689453,533.4654541015625,207.98945910930633,525.0470581054688]},{"page":26,"text":"java","rect":[213.21981811523438,533.4555053710938,234.14126880168915,525.1666259765625]},{"page":26,"text":"5` .3.2 RHEL8","rect":[72.0,563.1676025390625,148.50280210971833,556.233642578125]},{"page":26,"text":"U` pgrade the two TAK Server packages on the servers on which they are installed.","rect":[72.0,583.4993896484375,429.3284877882004,574.3237915039063]},{"page":26,"text":"F` irst, on the core server, install Java 17 and upgrade the core package:","rect":[72.0,601.432373046875,381.4283413038254,592.4759521484375]},{"page":26,"text":"`sudo","rect":[72.0,618.0,92.9214583158493,611.23583984375]},{"page":26,"text":"s` udo","rect":[72.0,630.0,92.9214583158493,623.1908569335938]},{"page":26,"text":"dnf","rect":[98.15182495117188,618.0,113.84292132854462,611.1760864257813]},{"page":26,"text":"dnf","rect":[98.15182495117188,630.0,113.84292132854462,623.131103515625]},{"page":26,"text":"update -y && sudo dnf install java-17-openjdk-devel","rect":[119.07328796386719,619.5845336914063,385.8219176054001,611.0764770507813]},{"page":26,"text":"install","rect":[119.07328796386719,630.0,155.6858397245407,623.1908569335938]},{"page":26,"text":"takserver-core-5.1-RELEASEx.noarch.rpm","rect":[160.91619873046876,631.479736328125,359.67003161907197,623.0712890625]},{"page":26,"text":"-y","rect":[364.9004211425781,631.53955078125,375.3611632108688,624.984130859375]},{"page":26,"text":"-y","rect":[391.05230712890627,619.5845336914063,401.51304919719697,613.0]},{"page":26,"text":"`Next, on the database server, upgrade the database. Setup the extra postgres yum repo for the latest postgres","rect":[72.0,655.2303466796875,539.5275452248243,646.1643676757813]},{"page":26,"text":"`and postgis. Install Java 17. Disable the postgresql stream to install the specifc postgres version we depend","rect":[72.0,667.1853637695313,539.5153213436146,658.119384765625]},{"page":26,"text":"o` n. Install TAK Server RPM database and its dependencies.","rect":[72.0,679.0208129882813,336.5866664991379,669.9647827148438]},{"page":26,"text":"s` udo dnf","rect":[72.0,696.0,113.84292132854462,688.8840942382813]},{"page":26,"text":"-y","rect":[91.92499542236328,709.24755859375,102.38572223186493,702.692138671875]},{"page":26,"text":"install","rect":[119.07328796386719,696.0,155.6858397245407,688.94384765625]},{"page":26,"text":"https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm","rect":[160.91619873046876,697.302490234375,527.0421324491501,688.116943359375]},{"page":26,"text":"25","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":27,"text":"s` udo dnf install","rect":[72.0,82.01276397705078,155.6858397245407,75.81602478027344]},{"page":27,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,96.18943786621094,609.7315855741501,87.00392150878906]},{"page":27,"text":"-y","rect":[91.92499542236328,108.1344985961914,102.38572223186493,101.5791015625]},{"page":27,"text":"`sudo dnf update -y && sudo dnf install java-17-openjdk-devel -y","rect":[72.0,120.08951568603516,401.51304919719697,111.58145141601563]},{"page":27,"text":"`sudo dnf module disable postgresql","rect":[72.0,132.05442810058595,249.83235461711883,123.63603210449219]},{"page":27,"text":"`sudo","rect":[72.0,143.0,92.9214583158493,135.6508331298828]},{"page":27,"text":"subscription-manager","rect":[98.15182495117188,144.0094451904297,202.75909717082977,135.6508331298828]},{"page":27,"text":"config","rect":[207.9894561767578,144.0094451904297,239.3716307401657,135.59104919433595]},{"page":27,"text":"--rhsm.manage_repos=1","rect":[244.60198974609376,144.0094451904297,354.4396544218063,135.54124450683595]},{"page":27,"text":"`sudo","rect":[72.0,154.0,92.9214583158493,147.6068878173828]},{"page":27,"text":"subscription-manager","rect":[98.15182495117188,155.9654998779297,202.75909717082977,147.6068878173828]},{"page":27,"text":"repos","rect":[207.9894561767578,155.89576721191407,234.14126880168915,149.0]},{"page":27,"text":"--enable","rect":[239.3716278076172,154.0,281.21519763469697,147.6068878173828]},{"page":27,"text":"codeready-builder-for-rhel-8-x86_64-rpms","rect":[286.4460144042969,155.95553588867188,495.6609678983688,147.48733520507813]},{"page":27,"text":"Note: If you get the error ‘This system has no repositories available through subscriptions’, you need to","rect":[71.44000244140625,179.63636779785157,539.6674375921652,170.5803680419922]},{"page":27,"text":"subscribe your system with:","rect":[71.47000122070313,191.5913848876953,190.25409141349793,182.6449737548828]},{"page":27,"text":"`sudo subscription-manager","rect":[72.0,209.7634735107422,202.75909717082977,201.4048614501953]},{"page":27,"text":"--auto-attach","rect":[91.92499542236328,219.49684143066407,159.91974170207977,213.35987854003907]},{"page":27,"text":"register","rect":[207.9894561767578,209.7634735107422,249.83235461711883,201.46463012695313]},{"page":27,"text":"--username","rect":[255.06271362304688,208.0,307.3663511991501,203.0]},{"page":27,"text":"<your_username>","rect":[312.5966796875,209.75350952148438,391.0522948026657,201.9528045654297]},{"page":27,"text":"--password","rect":[396.2826843261719,209.69374084472657,448.5864439725876,201.4048614501953]},{"page":27,"text":"<your_password>","rect":[453.81683349609377,209.75350952148438,532.2724791288376,201.4048614501953]},{"page":27,"text":"M` ake sure the database RPM is in the current directory","rect":[72.0,245.3893585205078,317.51832595920566,236.4429473876953]},{"page":27,"text":"`sudo dnf install takserver-database-5.1-RELEASE-x.noarch.rpm","rect":[72.0,263.49169921875,385.8219176054001,255.08328247070313]},{"page":27,"text":"--setopt=clean_requirements_on_remove=false -y","rect":[91.92499542236328,275.5065002441406,332.5227232694626,267.09808349609377]},{"page":27,"text":"`This command will make a copy of your existing Postgresql database and update it to version 15. If there is","rect":[71.64099884033203,299.1983337402344,539.5702578705614,290.13238525390627]},{"page":27,"text":"a` n issue with the upgraded database, you can fall back to the copy of the previous version. If the upgrade","rect":[72.0,311.1533508300781,539.549594983519,302.08740234375]},{"page":27,"text":"s` ucceeds, there will be a delete_old_cluster.sh script automatically created that you can run to safely remove","rect":[72.0,323.098388671875,539.4983786379127,314.0423889160156]},{"page":27,"text":"`the previous version’s data copy.","rect":[72.0,335.0533752441406,213.75783959484103,326.1069641113281]},{"page":27,"text":"C` heck Java version in both servers","rect":[72.0,351.1632385253906,223.05293459129335,343.9303894042969]},{"page":27,"text":"j` ava -version","rect":[72.0,371.14849853515627,139.994753909111,362.859619140625]},{"page":27,"text":"`This should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,394.8293762207031,539.5382690372783,385.77337646484377]},{"page":27,"text":"t` he alternatives command to change it:","rect":[72.0,406.7943115234375,242.65932885265353,397.83795166015627]},{"page":27,"text":"`sudo","rect":[72.0,423.0,92.9214583158493,416.59783935546877]},{"page":27,"text":"alternatives","rect":[98.15182495117188,423.0,160.91620166301727,416.59783935546877]},{"page":27,"text":"--config","rect":[166.1465606689453,424.95648193359377,207.98945910930633,416.5380859375]},{"page":27,"text":"java","rect":[213.21981811523438,424.9465026855469,234.14126880168915,416.6576232910156]},{"page":27,"text":"5` .3.3 RHEL7","rect":[72.0,454.6576232910156,148.50280210971833,447.7236328125]},{"page":27,"text":"`Install OpenJDK 17 and other dependencies (if you have not previously done so.)","rect":[72.0,475.4286804199219,428.0732523765564,465.4760437011719]},{"page":27,"text":"`sudo","rect":[72.0,492.0,92.9214583158493,484.7928466796875]},{"page":27,"text":"yum","rect":[98.15182495117188,493.1415100097656,113.84292132854462,486.0]},{"page":27,"text":"install","rect":[119.07328796386719,492.0,155.6858397245407,484.7928466796875]},{"page":27,"text":"-y","rect":[160.91619873046876,493.1415100097656,171.3769255399704,486.0]},{"page":27,"text":"postgis33_15","rect":[176.60728454589845,493.1514892578125,239.3716307401657,484.6832580566406]},{"page":27,"text":"postgis33_15-utils","rect":[244.60198974609376,493.1514892578125,338.74852283000947,484.6832580566406]},{"page":27,"text":"s` udo","rect":[72.0,504.0,92.9214583158493,496.7478332519531]},{"page":27,"text":"yum","rect":[98.15182495117188,505.09649658203127,113.84292132854462,498.0]},{"page":27,"text":"install","rect":[119.07328796386719,504.0,155.6858397245407,496.7478332519531]},{"page":27,"text":"-y","rect":[160.91619873046876,505.09649658203127,171.3769255399704,498.0]},{"page":27,"text":"postgresql15-server","rect":[176.60728454589845,505.1064758300781,275.9841490507126,496.63824462890627]},{"page":27,"text":"postgresql15-contrib","rect":[281.21453857421877,505.1064758300781,385.8219176054001,496.63824462890627]},{"page":27,"text":"`sudo yum install -y https://download.oracle.com/java/17/latest/jdk-17_linux-x64_bin.rpm","rect":[72.0,517.0525512695313,527.0421324491501,507.8769836425781]},{"page":27,"text":"N` ote that the yum package manager does not currently support JDK 17 on RHEL 7. By installing the","rect":[72.0,540.7433471679688,539.607565217373,531.7869262695313]},{"page":27,"text":"p` ackage manually, you will be responsible for future security updates. For a safer long-term solution, we","rect":[72.0,552.6983642578125,539.5264494947168,543.6323852539063]},{"page":27,"text":"`recommend that you update your OS to RHEL 8 or Rocky Linux 8. Upgrade the two TAK Server packages","rect":[72.0,564.6533203125,539.6487449376435,555.4777221679688]},{"page":27,"text":"`on the servers on which they are installed.","rect":[72.0,576.598388671875,256.3579067335129,567.6519775390625]},{"page":27,"text":"`First, upgrade the core package:","rect":[72.0,594.5413818359375,212.44276085948946,585.5849609375]},{"page":27,"text":"`sudo rpm -Uvh takserver-core-5.1-RELEASEx.noarch.rpm","rect":[72.0,612.6337280273438,343.9789000272751,604.2252807617188]},{"page":27,"text":"--nodeps","rect":[349.20928955078127,612.6337280273438,391.0522948026657,604.3448486328125]},{"page":27,"text":"`Next, upgrade the database. Setup the extra postgres yum repo for the latest postgres and postgis. Install","rect":[72.0,636.3843383789063,539.5295418350761,627.318359375]},{"page":27,"text":"T` AK Server RPM database and its dependencies.","rect":[71.64099884033203,648.2197875976563,287.79949608898166,639.1637573242188]},{"page":27,"text":"s` udo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm","rect":[72.0,666.50146484375,527.0421324491501,657.31591796875]},{"page":27,"text":"`sudo yum install","rect":[72.0,678.446533203125,155.6858397245407,670.0978393554688]},{"page":27,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,690.4124755859375,609.7315855741501,681.2269287109375]},{"page":27,"text":"-y","rect":[91.92499542236328,702.3575439453125,102.38572223186493,695.8021240234375]},{"page":27,"text":"s` udo yum","rect":[72.0,714.3125610351563,113.84292132854462,705.9638671875]},{"page":27,"text":"update","rect":[119.07328796386719,714.2527465820313,150.45547778606415,705.9638671875]},{"page":27,"text":"-y","rect":[155.6858367919922,714.3125610351563,166.14656360149383,707.0]},{"page":27,"text":"26","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":28,"text":"`Make sure the database RPM is in the current directory","rect":[72.0,83.99532318115235,317.51832595920566,75.04890441894531]},{"page":28,"text":"s` udo rpm -Uvh takserver-database-5.1-RELEASEx.noarch.rpm","rect":[72.0,102.07075500488281,364.9004088163376,93.66231536865235]},{"page":28,"text":"--nodeps","rect":[370.13079833984377,102.07075500488281,411.9738035917282,93.78186798095703]},{"page":28,"text":"`This command will make a copy of your existing Postgresql database and update it to version 15. If there is","rect":[71.64099884033203,125.79532623291016,539.5702578705614,116.72935485839844]},{"page":28,"text":"`an issue with the upgraded database, you can fall back to the copy of the previous version. If the upgrade","rect":[72.0,137.75027465820313,539.549594983519,128.68431091308595]},{"page":28,"text":"`succeeds, there will be a delete_old_cluster.sh script automatically created that you can run to safely remove","rect":[72.0,149.69532775878907,539.4983786379127,140.6393280029297]},{"page":28,"text":"t` he previous version’s data copy.","rect":[72.0,161.65138244628907,213.75783959484103,152.70497131347657]},{"page":28,"text":"C` heck Java version in both servers","rect":[72.0,177.76023864746095,223.05293459129335,170.5273895263672]},{"page":28,"text":"`java -version","rect":[72.0,197.71951293945313,139.994753909111,189.43063354492188]},{"page":28,"text":"T` his should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,221.37440490722657,539.5382690372783,212.3184051513672]},{"page":28,"text":"t` he alternatives command to change it:","rect":[72.0,233.33932495117188,242.65932885265353,224.38294982910157]},{"page":28,"text":"`sudo","rect":[72.0,250.0,92.9214583158493,243.1157989501953]},{"page":28,"text":"alternatives","rect":[98.15182495117188,250.0,160.91620166301727,243.1157989501953]},{"page":28,"text":"--config","rect":[166.1465606689453,251.4744110107422,207.98945910930633,243.05601501464845]},{"page":28,"text":"java","rect":[213.21981811523438,251.46444702148438,234.14126880168915,243.17556762695313]},{"page":28,"text":"`5.3.4 Ubuntu and Raspberry Pi OS","rect":[72.0,283.021484375,257.30435031318668,274.0950012207031]},{"page":28,"text":"`Upgrade the two TAK Server packages on the servers on which they","rect":[72.0,301.47027587890627,370.09086624240879,292.29473876953127]},{"page":28,"text":"`First, upgrade the core package.","rect":[72.0,319.4032897949219,212.44276085948946,310.4469299316406]},{"page":28,"text":"`sudo apt install ./takserver-core_5.1-RELEASE-x_all.deb","rect":[72.0,337.4687194824219,359.67003161907197,328.35296630859377]},{"page":28,"text":"are","rect":[373.41839599609377,300.0,386.7184687538147,294.0]},{"page":28,"text":"installed.","rect":[390.0360107421875,300.0,429.3284877882004,292.513916015625]},{"page":28,"text":"N` ext, upgrade the database.","rect":[72.0,361.1933288574219,195.3867916212082,352.2369689941406]},{"page":28,"text":"s` udo apt install ./takserver-database_5.1-RELEASE-x_all.deb","rect":[72.0,379.25970458984377,380.59154040813447,370.1439514160156]},{"page":28,"text":"`This command will make a copy of your existing Postgresql database and update it to version 15. If there is","rect":[71.64099884033203,402.9843444824219,539.5702578705614,393.91839599609377]},{"page":28,"text":"a` n issue with the upgraded database, you can fall back to the copy of the previous version. If the upgrade","rect":[72.0,414.9393310546875,539.549594983519,405.8733825683594]},{"page":28,"text":"s` ucceeds, there will be a delete_old_cluster.sh script automatically created that you can run to safely remove","rect":[72.0,426.8843688964844,539.4983786379127,417.828369140625]},{"page":28,"text":"t` he previous version’s data copy.","rect":[72.0,438.8393859863281,213.75783959484103,429.8929748535156]},{"page":28,"text":"C` heck Java version in both servers","rect":[72.0,454.9492492675781,223.05293459129335,447.7164001464844]},{"page":28,"text":"`java -version","rect":[72.0,474.90753173828127,139.994753909111,466.61865234375]},{"page":28,"text":"T` his should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,498.5623779296875,539.5382690372783,489.5063781738281]},{"page":28,"text":"t` he alternatives command to change it:","rect":[72.0,510.5283203125,242.65932885265353,501.57196044921877]},{"page":28,"text":"s` udo","rect":[72.0,527.0,92.9214583158493,520.3048095703125]},{"page":28,"text":"alternatives","rect":[98.15182495117188,527.0,160.91620166301727,520.3048095703125]},{"page":28,"text":"--config","rect":[166.1465606689453,528.6634521484375,207.98945910930633,520.2450561523438]},{"page":28,"text":"java","rect":[213.21981811523438,528.6535034179688,234.14126880168915,520.3646240234375]},{"page":28,"text":"`5.3.5 Centos 7","rect":[72.0,558.32763671875,150.79419920444489,551.2841186523438]},{"page":28,"text":"I` nstall OpenJDK 17 and other dependencies (if you have not previously done so.)","rect":[72.0,579.0977172851563,428.0732523765564,569.1450805664063]},{"page":28,"text":"`sudo","rect":[72.0,595.0,92.9214583158493,588.4358520507813]},{"page":28,"text":"yum","rect":[98.15182495117188,596.7845458984375,113.84292132854462,590.0]},{"page":28,"text":"install","rect":[119.07328796386719,595.0,155.6858397245407,588.4358520507813]},{"page":28,"text":"-y","rect":[160.91619873046876,596.7845458984375,171.3769255399704,590.0]},{"page":28,"text":"postgis33_15","rect":[176.60728454589845,596.7944946289063,239.3716307401657,588.3262939453125]},{"page":28,"text":"postgis33_15-utils","rect":[244.60198974609376,596.7944946289063,338.74852283000947,588.3262939453125]},{"page":28,"text":"s` udo","rect":[72.0,607.0,92.9214583158493,600.391845703125]},{"page":28,"text":"yum","rect":[98.15182495117188,608.7405395507813,113.84292132854462,602.0]},{"page":28,"text":"install","rect":[119.07328796386719,607.0,155.6858397245407,600.391845703125]},{"page":28,"text":"-y","rect":[160.91619873046876,608.7405395507813,171.3769255399704,602.0]},{"page":28,"text":"postgresql15-server","rect":[176.60728454589845,608.75048828125,275.9841490507126,600.2822875976563]},{"page":28,"text":"postgresql15-contrib","rect":[281.21453857421877,608.75048828125,385.8219176054001,600.2822875976563]},{"page":28,"text":"`sudo yum install -y https://download.oracle.com/java/17/latest/jdk-17_linux-x64_bin.rpm","rect":[72.0,620.695556640625,527.0421324491501,611.5199584960938]},{"page":28,"text":"N` ote that the yum package manager does not currently support JDK 17 on Centos 7. By installing the","rect":[72.0,644.3603515625,539.587301545498,635.2943725585938]},{"page":28,"text":"p` ackage manually, you will be responsible for future security updates. For a safer long-term solution, we","rect":[72.0,656.3153686523438,539.5264494947168,647.2493896484375]},{"page":28,"text":"`recommend that you update your OS to RHEL 8 or Rocky Linux 8.","rect":[72.0,668.2603759765625,368.66622582530979,659.2044067382813]},{"page":28,"text":"`Upgrade the two TAK Server packages on the servers on which they are installed.","rect":[72.0,686.203369140625,429.3284877882004,677.0277709960938]},{"page":28,"text":"F` irst, upgrade the core package:","rect":[72.0,704.1363525390625,212.44276085948946,695.179931640625]},{"page":28,"text":"`sudo","rect":[72.0,721.0,92.9214583158493,713.912841796875]},{"page":28,"text":"rpm","rect":[98.15182495117188,722.2017211914063,113.84292132854462,715.0]},{"page":28,"text":"-Uvh","rect":[119.07328796386719,721.0,139.994753909111,713.912841796875]},{"page":28,"text":"takserver-core-5.1-RELEASEx.noarch.rpm","rect":[145.22511291503907,722.2017211914063,343.9789000272751,713.7932739257813]},{"page":28,"text":"--nodeps","rect":[349.20928955078127,722.2017211914063,391.0522948026657,713.912841796875]},{"page":28,"text":"27","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.1532592773438]},{"page":29,"text":"`Next, upgrade the database. Setup the extra postgres yum repo for the latest postgres and postgis. Install","rect":[72.0,84.00528717041016,539.5295418350761,74.93931579589844]},{"page":29,"text":"`TAK Server RPM database and its dependencies.","rect":[71.64099884033203,95.84075164794922,287.79949608898166,86.78474426269531]},{"page":29,"text":"s` udo","rect":[72.0,113.0,92.9214583158493,105.76392364501953]},{"page":29,"text":"yum","rect":[98.15182495117188,114.11258697509766,113.84292132854462,107.0]},{"page":29,"text":"install","rect":[119.07328796386719,113.0,155.6858397245407,105.76392364501953]},{"page":29,"text":"epel-release","rect":[160.91619873046876,114.05281066894531,223.680544924736,105.76392364501953]},{"page":29,"text":"-y","rect":[228.91090393066407,114.11258697509766,239.3716307401657,107.0]},{"page":29,"text":"s` udo yum install","rect":[72.0,126.0674819946289,155.6858397245407,117.71881866455078]},{"page":29,"text":"https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.r","rect":[91.92499542236328,138.03245544433595,609.7315855741501,128.84693908691407]},{"page":29,"text":"-y","rect":[91.92499542236328,149.97744750976563,102.38572223186493,143.42205810546876]},{"page":29,"text":"`sudo yum","rect":[72.0,161.93252563476563,113.84292132854462,153.58387756347657]},{"page":29,"text":"update","rect":[119.07328796386719,161.8727569580078,150.45547778606415,153.58387756347657]},{"page":29,"text":"-y","rect":[155.6858367919922,161.93252563476563,166.14656360149383,155.0]},{"page":29,"text":"M` ake sure the database RPM is in the current directory","rect":[72.0,185.61439514160157,317.51832595920566,176.66798400878907]},{"page":29,"text":"s` udo yum install takserver-database-5.1-RELEASE-x.noarch.rpm","rect":[72.0,203.77548217773438,385.8219176054001,195.30728149414063]},{"page":29,"text":"--setopt=clean_requirements_on_remove=false -y","rect":[91.92499542236328,215.73049926757813,332.5227232694626,207.3220672607422]},{"page":29,"text":"T` his command will make a copy of your existing Postgresql database and update it to version 15. If there is","rect":[71.64099884033203,239.42233276367188,539.5702578705614,230.3563690185547]},{"page":29,"text":"a` n issue with the upgraded database, you can fall back to the copy of the previous version. If the upgrade","rect":[72.0,251.37734985351563,539.549594983519,242.31138610839845]},{"page":29,"text":"s` ucceeds, there will be a delete_old_cluster.sh script automatically created that you can run to safely remove","rect":[72.0,263.3223571777344,539.4983786379127,254.26634216308595]},{"page":29,"text":"t` he previous version’s data copy.","rect":[72.0,275.2773742675781,213.75783959484103,266.3309631347656]},{"page":29,"text":"C` heck Java version in both servers","rect":[72.0,291.3872375488281,223.05293459129335,284.1543884277344]},{"page":29,"text":"j` ava -version","rect":[72.0,311.3725280761719,139.994753909111,303.0836486816406]},{"page":29,"text":"`This should tell you have 17.x.y. If the command tells you your Java version is not 17.x.y, then you can use","rect":[71.64099884033203,335.0533752441406,539.5382690372783,325.99737548828127]},{"page":29,"text":"t` he alternatives command to change it:","rect":[72.0,347.0183410644531,242.65932885265353,338.0619812011719]},{"page":29,"text":"`sudo","rect":[72.0,364.0,92.9214583158493,356.82183837890627]},{"page":29,"text":"alternatives","rect":[98.15182495117188,364.0,160.91620166301727,356.82183837890627]},{"page":29,"text":"--config","rect":[166.1465606689453,365.18048095703127,207.98945910930633,356.7620849609375]},{"page":29,"text":"java","rect":[213.21981811523438,365.1705017089844,234.14126880168915,356.8816223144531]},{"page":29,"text":"`6 Containerized Installation (Docker)","rect":[72.0,405.4185485839844,346.801424405098,391.0723571777344]},{"page":29,"text":"`6.1 IronBank","rect":[72.0,425.7774963378906,157.94594006347658,417.3490905761719]},{"page":29,"text":"`See https://ironbank.dso.mil/repomap?searchText=tak%20server (Platform One account required) TAK","rect":[72.0,446.51568603515627,539.9227362007152,436.56304931640627]},{"page":29,"text":"S` erver hardened container images are published to the Platform One Iron Bank container repository. See","rect":[72.0,458.0323181152344,539.5366423658105,448.96636962890627]},{"page":29,"text":"R` EADME for each container for installation instructions.","rect":[72.0,468.15423583984377,322.4597133741379,460.8117980957031]},{"page":29,"text":"6` .2 Building and Installing Container Images Using Docker","rect":[72.0,498.2250671386719,429.6518350830078,487.4892883300781]},{"page":29,"text":"TAK Server can be installed using docker. Start by downloading container images from tak.gov. You will","rect":[71.64099884033203,516.265380859375,539.5618900073946,507.0898132324219]},{"page":29,"text":"`need the docker release which comes as a zip fle called ‘takserver-docker-<version>.zip’.","rect":[72.0,528.1007690429688,457.52279320812229,519.1543579101563]},{"page":29,"text":"`If you using CentOS 7, follow these instructions frst to install docker, start the docker daemon and use it as a","rect":[72.0,546.1533203125,539.5275479980717,537.0873413085938]},{"page":29,"text":"`regular user: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-centos-7","rect":[72.0,558.5467529296875,539.94781109157,548.5941162109375]},{"page":29,"text":"`Next, unzip the docker zip fle. `All further commands should be run from this top level ‘takserver-","rect":[72.0,575.9218139648438,539.7629218348823,566.9754028320313]},{"page":29,"text":"d` ocker-<version>’ directory. `If you are familiar with the rpm install, the ‘tak’ folder within the","rect":[72.0,587.986328125,539.660055451748,578.9303588867188]},{"page":29,"text":"‘takserver-docker-<version>’ directory represents the ‘/opt/tak’ directory installed by the rpm.","rect":[70.61499786376953,600.3897094726563,505.3389722862503,590.4370727539063]},{"page":29,"text":"When","rect":[513.224609375,599.0,539.4523276154663,590.9949340820313]},{"page":29,"text":"`the takserver containers are built, the ‘tak’ directory will be mounted to ‘/opt/tak’ within the containers.","rect":[72.0,612.3447265625,541.3859998741409,602.39208984375]},{"page":29,"text":"`Therefore, any references to ‘/opt/tak’ outside this section of the guide will be equivalent to the ‘tak’ directory","rect":[71.64099884033203,624.2996826171875,539.8326012637957,614.3470458984375]},{"page":29,"text":"`you have on the host, or ‘/opt/tak’ if you are working from inside the container. The ‘tak’ directory is where","rect":[71.74099731445313,636.2557373046875,539.5322531496314,626.3031005859375]},{"page":29,"text":"`the coreconfg, certifcates, logs and other TAK confguration/tools will live. This folder is shared between","rect":[72.0,648.210693359375,539.5311905129981,638.258056640625]},{"page":29,"text":"`the host, the takserver container and the takserver database container. This means you can tail the logs or","rect":[72.0,659.7273559570313,539.7330122968544,650.7709350585938]},{"page":29,"text":"m` anually edit the coreconfg from the host without being inside the container.","rect":[72.0,671.682373046875,413.0595668897629,662.6163940429688]},{"page":29,"text":"`Notes for running in Windows Subsystem for Linux (WSL) 2:","rect":[72.0,690.043701171875,382.43463060092929,680.10107421875]},{"page":29,"text":"`When running TAK Server in the WSL2 environment, follow the steps outlined in the Best Practices section","rect":[71.49199676513672,707.54833984375,539.5146386472549,698.3727416992188]},{"page":29,"text":"h` ere https://docs.docker.com/desktop/windows/wsl/ to maximize TAK Server performance. Specifcally, it’s","rect":[72.0,719.9417114257813,539.5290671938392,709.9890747070313]},{"page":29,"text":"28","rect":[301.0190124511719,750.0972290039063,310.981605052948,743.2529296875]},{"page":30,"text":"r` ecommended that you copy the ‘takserver-docker-<version>.zip’ fle into your WSL user’s home directory","rect":[72.0,83.99532318115235,539.8646747494968,74.93931579589844]},{"page":30,"text":"a` nd execute all docker commands from there (vs accessing your Windows flesystem from /mnt). From there,","rect":[72.0,96.3986587524414,540.9335733585099,86.4460220336914]},{"page":30,"text":"`unzip the fle and run the docker commands below for TAK Server. It’s important to unzip the fle from","rect":[72.0,107.79576873779297,539.556863364604,98.73976135253906]},{"page":30,"text":"`within WSL to ensure permissions are setup correctly.","rect":[71.64099884033203,119.8603744506836,307.7247280225754,110.80436706542969]},{"page":30,"text":"`TAK Server CoreConfg Setup: 1. Open tak/CoreConfg.example.xml and set a database password 2.","rect":[72.0,138.24166870117188,541.6785721258723,128.28903198242188]},{"page":30,"text":"`Make any other confguration changes you need","rect":[72.0,149.75827026367188,279.49109589099887,140.6923065185547]},{"page":30,"text":"T` AK Server Database Container Setup: `1. Build TAK server","rect":[72.0,167.5717010498047,365.60881644535069,158.5157012939453]},{"page":30,"text":"d` ocker","rect":[72.0,183.6317901611328,103.38218982219697,177.4948272705078]},{"page":30,"text":"build","rect":[108.61255645751953,183.6317901611328,134.76439197063446,177.4948272705078]},{"page":30,"text":"-t","rect":[139.9947509765625,183.6317901611328,150.45547778606415,178.0]},{"page":30,"text":"takserver-db:\"$(cat","rect":[155.6858367919922,184.39891052246095,255.0627165555954,176.6679229736328]},{"page":30,"text":"tak/version.txt)\"","rect":[260.2930908203125,184.39891052246095,349.20933825969697,176.6679229736328]},{"page":30,"text":"-` f","rect":[354.4397277832031,183.58197021484376,364.9004698514938,177.43504333496095]},{"page":30,"text":"database image:","rect":[368.92633056640627,167.69125366210938,438.6645473585129,158.73487854003907]},{"page":30,"text":"docker/Dockerfile.takserver-db","rect":[370.1308288574219,184.39891052246095,527.0417052030564,176.6679229736328]},{"page":30,"text":".","rect":[532.2720947265625,183.0,537.5024595975876,178.0]},{"page":30,"text":"2. Create a new docker network for the current tak version:","rect":[84.177001953125,207.70115661621095,344.85836449718479,200.4683074951172]},{"page":30,"text":"`docker","rect":[72.0,225.4748077392578,103.38218982219697,219.3378448486328]},{"page":30,"text":"network","rect":[108.61255645751953,225.4748077392578,145.22511584758758,219.3378448486328]},{"page":30,"text":"create","rect":[150.45547485351563,225.4748077392578,181.8376494169235,219.90570068359376]},{"page":30,"text":"takserver-\"$(cat","rect":[187.06800842285157,226.24192810058595,270.7538023710251,218.5109405517578]},{"page":30,"text":"tak/version.txt)\"","rect":[275.98419189453127,226.24192810058595,364.9004393339157,218.5109405517578]},{"page":30,"text":"3. `The TAK Server database container can be confgured to persist data directly to the host or only within","rect":[84.177001953125,251.37734985351563,539.5695370180939,242.20179748535157]},{"page":30,"text":"the container.","rect":[96.9070053100586,261.3896179199219,156.9117397413254,254.3759307861328]},{"page":30,"text":"a. `To persist to the host, create an empty host directory (unless you have a directory from a previous","rect":[84.177001953125,281.7036437988281,539.5539404128406,271.7510070800781]},{"page":30,"text":"docker install you want to reuse). For upgrading purposes, we recommend that you keep the takserver","rect":[96.9070053100586,293.65869140625,539.7574128289692,283.7060546875]},{"page":30,"text":"database directory outside of the ‘takserver-docker-<version>’ directory structure.","rect":[96.9070053100586,305.1654052734375,457.3438991651535,296.1094055175781]},{"page":30,"text":"d` ocker","rect":[72.0,322.0,103.38218982219697,314.9788513183594]},{"page":30,"text":"run","rect":[108.61255645751953,322.0,124.30365283489228,316.0]},{"page":30,"text":"-d","rect":[129.53402709960938,322.0,139.994753909111,314.9788513183594]},{"page":30,"text":"-v","rect":[145.22511291503907,322.0,155.6858397245407,316.0]},{"page":30,"text":"<absolute","rect":[160.91619873046876,322.0,207.98945910930633,314.9788513183594]},{"page":30,"text":"path","rect":[213.21981811523438,323.2677307128906,234.14126880168915,314.9788513183594]},{"page":30,"text":"to","rect":[239.3716278076172,322.0,249.83235461711883,315.5467224121094]},{"page":30,"text":"takserver","rect":[255.06271362304688,322.0,302.13597400188447,314.9788513183594]},{"page":30,"text":"database","rect":[307.3663330078125,322.0,349.2092772245407,314.9788513183594]},{"page":30,"text":"directory>:/var/lib/postgresql/data:z","rect":[91.92499542236328,335.29248046875,285.4484434843063,326.1069641113281]},{"page":30,"text":"-v","rect":[290.6788024902344,334.0,301.13951404094697,328.0]},{"page":30,"text":"$(pwd)/tak:/opt/tak:z","rect":[306.369873046875,335.22271728515627,416.20884997844697,326.1069641113281]},{"page":30,"text":"-it","rect":[421.439208984375,334.0,437.1302977323532,326.9936218261719]},{"page":30,"text":"-p","rect":[442.36065673828127,335.22271728515627,452.8213682889938,328.0]},{"page":30,"text":"5432:5432","rect":[458.0517578125,334.0,505.1250181913376,326.8143005371094]},{"page":30,"text":"--network","rect":[91.92499542236328,345.02581787109377,138.99827868938446,338.88885498046877]},{"page":30,"text":"takserver-\"$(cat","rect":[144.22865295410157,345.7929382324219,227.91446216106415,338.0619812011719]},{"page":30,"text":"tak/version.txt)\"","rect":[233.14483642578126,345.7929382324219,322.0610838651657,338.0619812011719]},{"page":30,"text":"--network-alias","rect":[327.2914733886719,345.02581787109377,405.7488280057907,338.88885498046877]},{"page":30,"text":"tak-database","rect":[410.97900390625,345.02581787109377,473.74339587688447,338.88885498046877]},{"page":30,"text":"--name","rect":[478.9737548828125,345.02581787109377,510.3559141874313,340.0]},{"page":30,"text":"takserver-db-\"$(cat tak/version.txt)\" takserver-db:\"$(cat tak/version.txt)\"","rect":[91.92499542236328,357.7489318847656,484.2025328397751,350.0179748535156]},{"page":30,"text":"b. `To run TAK server database with container only persistence","rect":[83.62299346923828,382.8743896484375,360.09508618545535,373.70880126953127]},{"page":30,"text":"`docker","rect":[72.0,398.8247985839844,103.38218982219697,392.6878356933594]},{"page":30,"text":"run","rect":[108.61255645751953,398.0,124.30365283489228,393.0]},{"page":30,"text":"-d","rect":[129.53402709960938,398.8247985839844,139.994753909111,392.6878356933594]},{"page":30,"text":"-v","rect":[145.22511291503907,398.0,155.6858397245407,393.0]},{"page":30,"text":"$(pwd`)/tak:/opt/tak:z","rect":[160.91619873046876,400.9767150878906,270.7538634061813,391.8609619140625]},{"page":30,"text":"-it","rect":[275.98419189453127,399.0,291.6753111600876,392.74761962890627]},{"page":30,"text":"-p","rect":[296.9056396484375,400.9767150878906,307.3663817167282,393.0]},{"page":30,"text":"5432:5432","rect":[312.59674072265627,399.0,359.6700011014938,392.56829833984377]},{"page":30,"text":"--network","rect":[364.9003601074219,399.0,411.97362048625947,392.6878356933594]},{"page":30,"text":"takserver-\"$(cat","rect":[417.2039794921875,399.5919189453125,500.8899107694626,391.8609619140625]},{"page":30,"text":"tak/version.txt)\"","rect":[91.92499542236328,411.5469055175781,180.84120471477508,403.8159484863281]},{"page":30,"text":"--network-alias","rect":[186.07156372070313,410.77978515625,264.52781970500947,404.642822265625]},{"page":30,"text":"tak-database","rect":[269.75799560546877,410.77978515625,332.5223875761032,404.642822265625]},{"page":30,"text":"--name","rect":[337.75274658203127,410.77978515625,369.1349058866501,405.0]},{"page":30,"text":"takserver-db-\"$(cat","rect":[374.36529541015627,411.5469055175781,473.7422056913376,403.8159484863281]},{"page":30,"text":"tak/version.txt)\" takserver-db:\"$(cat tak/version.txt)\"","rect":[91.92499542236328,423.5019226074219,379.5951719999313,415.7709655761719]},{"page":30,"text":"`TAK Server Container Setup: 1. Build TAK Server image:","rect":[72.0,448.6373291015625,348.83147851085666,439.4617919921875]},{"page":30,"text":"`docker","rect":[72.0,464.5777893066406,103.38218982219697,458.4408264160156]},{"page":30,"text":"build","rect":[108.61255645751953,464.5777893066406,134.76439197063446,458.4408264160156]},{"page":30,"text":"-t","rect":[139.9947509765625,464.5777893066406,150.45547778606415,459.0]},{"page":30,"text":"takserver:\"$(cat","rect":[155.6858367919922,465.34490966796877,239.3716307401657,457.61395263671877]},{"page":30,"text":"tak/version.txt)\"","rect":[244.6020050048828,465.34490966796877,333.5182371854782,457.61395263671877]},{"page":30,"text":"-f","rect":[338.7486267089844,464.5279846191406,349.2093687772751,458.3810729980469]},{"page":30,"text":"docker/Dockerfile.takserver","rect":[354.4397277832031,465.34490966796877,495.65953357219697,457.61395263671877]},{"page":30,"text":".","rect":[500.889892578125,464.0,506.1202574491501,459.0]},{"page":30,"text":"2. Running TAK Server container: use -p <host port>:<container port> to map any additional ports you","rect":[84.177001953125,490.4803161621094,539.5771053774689,481.3047790527344]},{"page":30,"text":"have confgured. Adding new inputs or changing ports while the container is running will","rect":[96.9070053100586,502.4363098144531,539.6960644397883,493.370361328125]},{"page":30,"text":"require the container to be recreated so that the new port mapping can be added.","rect":[96.9070053100586,514.3414916992188,510.73345872592929,505.4349670410156]},{"page":30,"text":"`docker","rect":[72.0,530.330810546875,103.38218982219697,524.19384765625]},{"page":30,"text":"run","rect":[108.61255645751953,530.0,124.30365283489228,525.0]},{"page":30,"text":"-d","rect":[129.53402709960938,530.330810546875,139.994753909111,524.19384765625]},{"page":30,"text":"-v","rect":[145.22511291503907,530.0,155.6858397245407,525.0]},{"page":30,"text":"$(pwd)` /tak:/opt/tak:z","rect":[160.91619873046876,532.4827270507813,270.7538634061813,523.366943359375]},{"page":30,"text":"-it","rect":[275.98419189453127,531.0,291.6753111600876,524.253662109375]},{"page":30,"text":"-p","rect":[296.9056396484375,532.4827270507813,307.3663817167282,525.0]},{"page":30,"text":"8089:8089","rect":[312.59674072265627,531.0,359.6700011014938,524.0842895507813]},{"page":30,"text":"-p","rect":[364.9003601074219,532.4827270507813,375.3611021757126,525.0]},{"page":30,"text":"8443:8443","rect":[380.5914306640625,531.0,427.6646910429001,524.0742797851563]},{"page":30,"text":"-p","rect":[432.89508056640627,532.4827270507813,443.3557921171188,525.0]},{"page":30,"text":"8444:8444","rect":[448.586181640625,531.0,495.6595640897751,524.0742797851563]},{"page":30,"text":"-p","rect":[500.88995361328127,532.4827270507813,511.3506651639938,525.0]},{"page":30,"text":"8446:8446","rect":[91.92499542236328,543.0,138.99827868938446,536.0302734375]},{"page":30,"text":"-p","rect":[144.22865295410157,544.438720703125,154.6893797636032,537.8833618164063]},{"page":30,"text":"9000:9000","rect":[159.91973876953126,543.0,206.99299914836883,536.040283203125]},{"page":30,"text":"-p","rect":[212.22335815429688,544.438720703125,222.68410022258758,537.8833618164063]},{"page":30,"text":"9001:9001","rect":[227.91445922851563,543.0,274.9877196073532,536.040283203125]},{"page":30,"text":"--network","rect":[280.21807861328127,543.0,327.2913389921188,536.1498413085938]},{"page":30,"text":"takserver-\"$(cat","rect":[332.5216979980469,543.053955078125,416.20762927532197,535.3229370117188]},{"page":30,"text":"tak/version.txt)\"","rect":[421.4380187988281,543.053955078125,510.3542662382126,535.3229370117188]},{"page":30,"text":"--name","rect":[91.92499542236328,554.2418212890625,123.30718524456025,549.0]},{"page":30,"text":"takserver-\"$(cat","rect":[128.5375518798828,555.0089721679688,212.2233610868454,547.2779541015625]},{"page":30,"text":"tak/version.txt)\"","rect":[217.4537353515625,555.0089721679688,306.36998279094697,547.2779541015625]},{"page":30,"text":"takserver:\"$(cat","rect":[311.6003723144531,555.0089721679688,395.28624255657197,547.2779541015625]},{"page":30,"text":"tak/version.txt)\"","rect":[400.5166320800781,555.0089721679688,489.4328795194626,547.2779541015625]},{"page":30,"text":"3.","rect":[84.17699432373047,578.3112182617188,91.91793480968475,571.4669189453125]},{"page":30,"text":"Before using the TAK Server, you must setup the certifcates for secure operation. `If you","rect":[96.9070053100586,580.1343383789063,539.9801623557861,571.078369140625]},{"page":30,"text":"have already confgured certifcates you can skip this step. You can also copy existing certifcates into","rect":[96.9070053100586,592.099365234375,539.5483263847758,583.0333862304688]},{"page":30,"text":"‘tak/certs/fles’ and a UserAuthetication.xml fle into ‘tak/’ to reuse existing certifcate authentication","rect":[95.5219955444336,604.4927368164063,539.4938342307861,594.5401000976563]},{"page":30,"text":"settings. `Any change to certifcates while the container is running will require either a","rect":[96.9070053100586,616.0103759765625,539.7275941623288,606.9942016601563]},{"page":30,"text":"TAK server restart or container restart. A` dditional certifcate details can be found in Appendix","rect":[96.9070053100586,627.8457641601563,540.0029043640681,618.7897338867188]},{"page":30,"text":"B.","rect":[96.9070053100586,637.8779907226563,106.72016564464569,631.0735473632813]},{"page":30,"text":"a. Edit tak/certs/cert-metadata.sh","rect":[106.09400939941406,658.2916870117188,258.7210153245926,648.3390502929688]},{"page":30,"text":"b. Generate root ca","rect":[105.54100799560547,673.9522094726563,192.20566511154176,666.7193603515625]},{"page":30,"text":"docker exec -it takserver-\"$(cat","rect":[96.9070053100586,692.4929809570313,264.2782774686813,684.761962890625]},{"page":30,"text":"./makeRootCa.sh\"","rect":[116.83200073242188,704.4479370117188,200.51784045696258,696.7169189453125]},{"page":30,"text":"tak/version.txt)\"","rect":[269.5086669921875,692.4929809570313,358.42491443157197,684.761962890625]},{"page":30,"text":"`bash","rect":[363.6553039550781,691.725830078125,384.57676990032197,685.5888671875]},{"page":30,"text":"-c","rect":[389.80712890625,691.725830078125,400.2678709745407,686.0]},{"page":30,"text":"\"cd","rect":[405.49822998046877,691.725830078125,421.1893492460251,685.4793090820313]},{"page":30,"text":"/opt/tak/certs","rect":[426.4197082519531,693.8777465820313,499.6448546171188,684.761962890625]},{"page":30,"text":"&&","rect":[504.875244140625,691.775634765625,515.3359862089158,685.4793090820313]},{"page":30,"text":"29","rect":[301.0190124511719,750.0972290039063,310.981605052948,743.2529296875]},{"page":31,"text":"c. Generate server cert","rect":[106.64800262451172,82.17216491699219,206.9414927330017,74.93931579589844]},{"page":31,"text":"docker","rect":[96.9070053100586,99.04383087158203,128.28919513225555,92.90686798095703]},{"page":31,"text":"exec","rect":[133.5189971923828,99.04383087158203,154.44046313762665,94.57062530517578]},{"page":31,"text":"-it","rect":[159.67098999023438,99.04383087158203,175.36207873821258,92.96664428710938]},{"page":31,"text":"takserver-\"$(cat","rect":[180.5924530029297,99.81095123291016,264.2782774686813,92.07997131347656]},{"page":31,"text":"tak/version.txt)\"","rect":[269.5086669921875,99.81095123291016,358.42491443157197,92.07997131347656]},{"page":31,"text":"./makeCert.sh","rect":[116.83200073242188,111.7659683227539,184.82673938274383,104.03498840332031]},{"page":31,"text":"server","rect":[190.05709838867188,110.99884796142578,221.43928821086883,106.56549072265625]},{"page":31,"text":"takserver\"","rect":[226.66964721679688,110.99884796142578,278.9732847929001,104.7522964477539]},{"page":31,"text":"`bash","rect":[363.6553039550781,99.04383087158203,384.57676990032197,92.90686798095703]},{"page":31,"text":"-c","rect":[389.80712890625,99.04383087158203,400.2678709745407,94.0]},{"page":31,"text":"\"cd","rect":[405.49822998046877,99.04383087158203,421.1893492460251,92.79727935791016]},{"page":31,"text":"/opt/tak/certs","rect":[426.4197082519531,101.19575500488281,499.6448546171188,92.07997131347656]},{"page":31,"text":"&&","rect":[504.875244140625,99.09364318847656,515.3359862089158,92.79727935791016]},{"page":31,"text":"d. Create client cert(s)","rect":[105.54100036621094,136.43869018554688,205.97394817733764,126.4860610961914]},{"page":31,"text":"docker exec -it takserver-\"$(cat","rect":[96.9070053100586,151.8069305419922,264.2782774686813,144.07594299316407]},{"page":31,"text":"./makeCert.sh","rect":[116.83200073242188,163.76194763183595,184.82673938274383,156.0309600830078]},{"page":31,"text":"client","rect":[190.05709838867188,162.9948272705078,221.43928821086883,156.8578643798828]},{"page":31,"text":"<user>\"","rect":[226.66964721679688,162.9948272705078,263.28221423625947,156.74827575683595]},{"page":31,"text":"tak/version.txt)\"","rect":[269.5086669921875,151.8069305419922,358.42491443157197,144.07594299316407]},{"page":31,"text":"b` ash","rect":[363.6553039550781,151.03981018066407,384.57676990032197,144.90284729003907]},{"page":31,"text":"-c","rect":[389.80712890625,151.03981018066407,400.2678709745407,146.0]},{"page":31,"text":"\"cd","rect":[405.49822998046877,151.03981018066407,421.1893492460251,144.7932586669922]},{"page":31,"text":"/opt/tak/certs","rect":[426.4197082519531,153.1917266845703,499.6448546171188,144.07594299316407]},{"page":31,"text":"&&","rect":[504.875244140625,151.08961486816407,515.3359862089158,144.7932586669922]},{"page":31,"text":"e. Restart takserver to load new certifcates","rect":[106.64800262451172,186.16319274902345,298.0893573207855,178.9303436279297]},{"page":31,"text":"docker exec -d takserver-\"$(cat","rect":[96.9070053100586,203.8019256591797,259.04791553020478,196.07093811035157]},{"page":31,"text":"./configureInDocker.sh\"","rect":[116.83200073242188,217.21250915527345,237.1303740262985,208.02699279785157]},{"page":31,"text":"`bash","rect":[358.4249267578125,203.03480529785157,379.3463927030563,196.89784240722657]},{"page":31,"text":"-c","rect":[384.5767517089844,203.03480529785157,395.0374937772751,198.0]},{"page":31,"text":"\"cd","rect":[400.2678527832031,203.03480529785157,415.95897204875947,196.7882537841797]},{"page":31,"text":"/opt/tak/","rect":[421.1893310546875,205.1867218017578,468.2626524686813,196.07093811035157]},{"page":31,"text":"&&","rect":[473.4930419921875,203.08460998535157,483.9537840604782,196.7882537841797]},{"page":31,"text":"f. `Tail takserver logs from the host. O` nce TAK server has successfully started, proceed to","rect":[108.03199768066406,239.99234008789063,539.8208224745215,230.92637634277345]},{"page":31,"text":"the next step.","rect":[118.8239974975586,251.82774353027345,188.38287278842928,242.9909210205078]},{"page":31,"text":"tail -f tak/logs/takserver-messaging.log","rect":[96.9070053100586,269.20745849609377,306.1215391874313,260.0219421386719]},{"page":31,"text":"tail -f tak/logs/takserver-api.log","rect":[96.9070053100586,281.16351318359377,274.73936755657197,271.9779968261719]},{"page":31,"text":"4. `Accessing takserver Create admin client certifcate for access on secure port 8443 (https):","rect":[84.177001953125,304.3817138671875,486.07818261241916,294.4290771484375]},{"page":31,"text":"docker","rect":[96.9070053100586,318.9818115234375,128.28919513225555,312.8448486328125]},{"page":31,"text":"exec","rect":[133.5189971923828,318.9818115234375,154.44046313762665,314.50860595703127]},{"page":31,"text":"takserver-\"$(cat","rect":[159.67098999023438,319.7489318847656,243.356814455986,312.0179748535156]},{"page":31,"text":"tak/version.txt)\"","rect":[248.58718872070313,319.7489318847656,337.5034361600876,312.0179748535156]},{"page":31,"text":"b` ash","rect":[342.73382568359377,318.9818115234375,363.6552916288376,312.8448486328125]},{"page":31,"text":"-c","rect":[368.8856506347656,318.9818115234375,379.3463927030563,313.0]},{"page":31,"text":"\"cd /opt/tak/","rect":[389.8070983886719,321.13372802734377,457.8018980741501,312.0179748535156]},{"page":31,"text":"utils/UserManager.jar","rect":[116.83200073242188,333.1584777832031,226.6696501493454,323.97296142578127]},{"page":31,"text":"certmod","rect":[231.9000244140625,330.9367980957031,268.5125914335251,324.7998352050781]},{"page":31,"text":"-A","rect":[273.7429504394531,330.8869934082031,284.2036925077438,324.6802978515625]},{"page":31,"text":"certs/files/<client","rect":[289.43408203125,331.70391845703127,388.81102283000947,323.97296142578127]},{"page":31,"text":"cert>.pem\"","rect":[394.0414123535156,333.0887145996094,446.3450499296188,324.69024658203127]},{"page":31,"text":"-jar","rect":[504.8752136230469,321.1935119628906,525.7967100858689,312.9046325683594]},{"page":31,"text":"`Hardened TAK Server Setup:","rect":[72.0,355.81878662109377,220.88108751010896,346.9421081542969]},{"page":31,"text":"T` he hardened TAK Database and Server containers provide additional security by including the use of secure","rect":[71.64099884033203,373.8713073730469,539.5299338136939,364.6957702636719]},{"page":31,"text":"`Iron Bank base images, container health checks, and minimizing user privileges within the containers.","rect":[72.0,385.8262939453125,515.2061122999191,376.86993408203127]},{"page":31,"text":"T` he hardened TAK images are available in a zip fle, takserver-docker-hardened-<version>.zip. The steps for","rect":[71.64099884033203,403.75933837890627,539.7251228567577,394.58380126953127]},{"page":31,"text":"s` etting up the hardened containers are similar to the standard docker installation steps given above except","rect":[72.0,415.71435546875,539.7698258953977,406.75799560546877]},{"page":31,"text":"`for the following:","rect":[72.0,427.6693420410156,145.84278527355196,418.6033935546875]},{"page":31,"text":"C` ertifcate Generation:","rect":[72.0,443.65966796875,187.43664476108553,436.5862121582031]},{"page":31,"text":"The certifcate generation container is only required to run once for TAK Server","rect":[71.64099884033203,463.53533935546877,436.8071462644124,454.35980224609377]},{"page":31,"text":"c` ommands in this section from the root of the unzipped hardened docker contents.","rect":[72.0,475.37078857421877,432.28741112804416,466.42437744140627]},{"page":31,"text":"initialization.","rect":[440.8922119140625,462.0,499.51591320421906,454.5789794921875]},{"page":31,"text":"Run all","rect":[506.2328796386719,462.0,539.5129529991409,454.5789794921875]},{"page":31,"text":"1. Build the Certifcate Authority Setup Image:","rect":[84.177001953125,493.42333984375,292.813747797966,484.247802734375]},{"page":31,"text":"d` ocker","rect":[72.0,509.0,103.38218982219697,502.3248596191406]},{"page":31,"text":"build","rect":[108.61255645751953,509.0,134.76439197063446,502.3248596191406]},{"page":31,"text":"-t","rect":[139.9947509765625,509.0,150.45547778606415,502.8927307128906]},{"page":31,"text":"ca-setup-hardened","rect":[155.6858367919922,510.6137390136719,244.60199267864227,502.3248596191406]},{"page":31,"text":"--build-arg","rect":[249.8323516845703,510.6835021972656,307.3663511991501,502.3248596191406]},{"page":31,"text":"ARG_CA_NAME=<CA_NAME>","rect":[312.5966796875,509.0,422.43455798625947,502.205322265625]},{"page":31,"text":"ARG_STATE=<ST>","rect":[91.92499542236328,521.0,165.15010364055633,514.1602783203125]},{"page":31,"text":"--build-arg","rect":[170.38046264648438,522.6384887695313,227.91444690227508,514.2798461914063]},{"page":31,"text":"ARG_CITY=<CITY>","rect":[233.14480590820313,521.0,311.6002379179001,514.1602783203125]},{"page":31,"text":"--build-arg","rect":[316.8305969238281,522.6384887695313,374.3646422147751,514.2798461914063]},{"page":31,"text":"ARG_ORGANIZATIONAL_UNIT=<UNIT>","rect":[91.92499542236328,532.421630859375,248.83589465618133,526.1152954101563]},{"page":31,"text":"-f","rect":[254.06625366210938,532.322021484375,264.5269957304001,526.1751098632813]},{"page":31,"text":"docker/Dockerfile.ca","rect":[269.7573547363281,533.1389770507813,374.3646422147751,525.407958984375]},{"page":31,"text":".","rect":[379.59503173828127,532.0,384.8253966093063,527.0]},{"page":31,"text":"--build-arg","rect":[427.6649475097656,510.6835021972656,485.19908435344697,502.3248596191406]},{"page":31,"text":"2. Run the Certifcate Authority Setup Container: If certifcates have previously been generated and exist","rect":[84.17699432373047,557.3743896484375,539.7957267767234,548.1987915039063]},{"page":31,"text":"in the tak/cert/fles path when building the ca-setup-hardened image then certifcate generation will be","rect":[96.9070053100586,569.7677001953125,539.5380514894752,559.8150634765625]},{"page":31,"text":"skipped at runtime.","rect":[96.9070053100586,581.164794921875,182.39608422374728,572.3279418945313]},{"page":31,"text":"d` ocker","rect":[72.0,597.0,103.38218982219697,590.1858520507813]},{"page":31,"text":"run","rect":[108.61255645751953,597.0,124.30365283489228,592.0]},{"page":31,"text":"--name","rect":[129.53402709960938,597.0,160.91620166301727,592.0]},{"page":31,"text":"ca-setup-hardened","rect":[166.1465606689453,598.4747314453125,255.0627165555954,590.1858520507813]},{"page":31,"text":"-it","rect":[260.2930908203125,597.0,275.9841490507126,590.2456665039063]},{"page":31,"text":"-d","rect":[281.21453857421877,597.0,291.6752501249313,590.1858520507813]},{"page":31,"text":"ca-setup-hardened","rect":[296.9056091308594,598.4747314453125,385.8219176054001,590.1858520507813]},{"page":31,"text":"3. Copy the generated certifcates for TAK Server:","rect":[84.177001953125,621.3243408203125,305.2669948682785,612.1487426757813]},{"page":31,"text":"`docker","rect":[72.0,637.0,103.38218982219697,630.226806640625]},{"page":31,"text":"cp","rect":[108.61255645751953,638.5156860351563,119.07329089641572,631.0]},{"page":31,"text":"ca-setup-hardened:/tak/certs/files","rect":[124.30364990234375,638.5156860351563,302.13597400188447,629.39990234375]},{"page":31,"text":"files","rect":[307.3663330078125,637.0,333.5181456327438,630.1670532226563]},{"page":31,"text":"[","rect":[72.0,661.0409545898438,77.23036487102509,653.3099365234375]},{"page":31,"text":"-d","rect":[82.46073150634766,660.2738037109375,92.9214583158493,654.1368408203125]},{"page":31,"text":"tak/certs/files","rect":[98.15182495117188,661.0409545898438,176.60728747844696,653.3099365234375]},{"page":31,"text":"]","rect":[181.837646484375,661.0409545898438,187.06801135540008,653.3099365234375]},{"page":31,"text":"||","rect":[192.29837036132813,661.0409545898438,202.75909717082977,653.3099365234375]},{"page":31,"text":"mkdir","rect":[207.9894561767578,660.2738037109375,234.14126880168915,654.1368408203125]},{"page":31,"text":"tak/certs/files","rect":[239.3716278076172,661.0409545898438,317.8270445585251,653.3099365234375]},{"page":31,"text":"\\","rect":[323.05743408203127,661.0409545898438,328.2877989530563,653.3099365234375]},{"page":31,"text":"&` &","rect":[72.0,673.0,82.46072680950165,665.9822998046875]},{"page":31,"text":"docker","rect":[87.69109344482422,673.0,119.07329089641572,666.0918579101563]},{"page":31,"text":"cp","rect":[124.30364990234375,674.3807373046875,134.76439197063446,667.0]},{"page":31,"text":"ca-setup-hardened:/tak/certs/files/takserver.jks","rect":[139.9947509765625,674.4405517578125,391.0522948026657,665.2649536132813]},{"page":31,"text":"tak/certs/files/","rect":[396.2826843261719,673.0,479.9687071561813,665.2649536132813]},{"page":31,"text":"\\","rect":[485.1990966796875,672.9959716796875,490.4294615507126,665.2649536132813]},{"page":31,"text":"&` &","rect":[72.0,685.0,82.46072680950165,677.9382934570313]},{"page":31,"text":"docker","rect":[87.69109344482422,685.0,119.07329089641572,678.0478515625]},{"page":31,"text":"cp","rect":[124.30364990234375,686.3367309570313,134.76439197063446,679.0]},{"page":31,"text":"ca-setup-hardened:/tak/certs/files/truststore-root.jks","rect":[139.9947509765625,686.3965454101563,422.43455798625947,677.220947265625]},{"page":31,"text":"tak/certs/files/","rect":[427.6649475097656,685.0,511.3509703397751,677.220947265625]},{"page":31,"text":"\\","rect":[516.5813598632813,684.9519653320313,521.8117247343064,677.220947265625]},{"page":31,"text":"&` &","rect":[72.0,697.0,82.46072680950165,689.8932495117188]},{"page":31,"text":"docker","rect":[87.69109344482422,697.0,119.07329089641572,690.0028076171875]},{"page":31,"text":"cp","rect":[124.30364990234375,698.2916870117188,134.76439197063446,691.0]},{"page":31,"text":"ca-setup-hardened:/tak/certs/files/fed-truststore.jks","rect":[139.9947509765625,698.3515014648438,417.2041807889938,689.1759033203125]},{"page":31,"text":"tak/certs/files/","rect":[422.4345703125,697.0,506.12059314250947,689.1759033203125]},{"page":31,"text":"\\","rect":[511.3509826660156,696.9069213867188,516.5813475370408,689.1759033203125]},{"page":31,"text":"`&&","rect":[72.0,709.0,82.46072680950165,701.8482666015625]},{"page":31,"text":"docker","rect":[87.69109344482422,709.0,119.07329089641572,701.9578247070313]},{"page":31,"text":"cp","rect":[124.30364990234375,710.2467041015625,134.76439197063446,703.0]},{"page":31,"text":"ca-setup-hardened:/tak/certs/files/admin.pem","rect":[139.9947509765625,710.2467041015625,370.1307860136032,701.1309204101563]},{"page":31,"text":"tak/certs/files/","rect":[375.3611755371094,709.0,459.0471983671188,701.1309204101563]},{"page":31,"text":"\\","rect":[464.277587890625,708.8619384765625,469.5079527616501,701.1309204101563]},{"page":31,"text":"&` &","rect":[72.0,721.0,82.46072680950165,713.8032836914063]},{"page":31,"text":"docker","rect":[87.69109344482422,721.0,119.07329089641572,713.912841796875]},{"page":31,"text":"cp","rect":[124.30364990234375,722.2017211914063,134.76439197063446,715.0]},{"page":31,"text":"ca-setup-hardened:/tak/certs/files/config-takserver.cfg","rect":[139.9947509765625,722.271484375,427.6649351835251,713.0859375]},{"page":31,"text":"tak/certs/files/","rect":[432.89532470703127,721.0,516.5813475370408,713.0859375]},{"page":31,"text":"30","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":32,"text":"T` AK Server Database Hardened Container Setup:","rect":[72.0,83.88573455810547,324.13348313999179,75.0090560913086]},{"page":32,"text":"1. Building the hardened docker images requires creating an Iron Bank/Repo1 account to access the","rect":[84.177001953125,102.3757095336914,539.6079924634668,92.4230728149414]},{"page":32,"text":"approved base images. To create an account, follow the instructions in the IronBank Getting Started","rect":[96.9070053100586,113.8934097290039,539.5656170789516,104.82743835449219]},{"page":32,"text":"page. To download the base images via the CLI, see the instructions in the Registry Access section.","rect":[96.9070053100586,125.84830474853516,541.5185071983597,116.67274475097656]},{"page":32,"text":"A` fter obtaining the necessary credentials, run:","rect":[96.52799987792969,137.80331420898438,298.0415004835129,128.6277618408203]},{"page":32,"text":"docker login registry1.dso.mil","rect":[72.0,155.88645935058595,228.91119678020477,147.4182586669922]},{"page":32,"text":"2. Follow the instructions in the TAK Server CoreConfg Setup section and update the <connection-url>","rect":[84.177001953125,179.49032592773438,541.1099922263219,170.3147735595703]},{"page":32,"text":"tag with the hardened TAK Database container name. For example:","rect":[96.9070053100586,191.44528198242188,395.65548363780979,182.2697296142578]},{"page":32,"text":"c` onnection","rect":[72.0,207.3068389892578,124.30365283489228,201.22964477539063]},{"page":32,"text":"url=\"jdbc:postgresql://tak-database-hardened-<version>:5432/cot\"","rect":[129.53402709960938,209.5284881591797,464.2773924589157,200.3429718017578]},{"page":32,"text":"username=\"martiuser\"","rect":[91.92499542236328,219.2617950439453,196.53230578899383,213.01524353027345]},{"page":32,"text":"password=<password>/>","rect":[201.76266479492188,221.41371154785157,311.6002989530563,212.2979278564453]},{"page":32,"text":"3. Create a new docker network for the current tak version:","rect":[84.17699432373047,243.2541961669922,344.85836449718479,236.02134704589845]},{"page":32,"text":"`docker","rect":[72.0,260.9488525390625,103.38218982219697,254.81190490722657]},{"page":32,"text":"network","rect":[108.61255645751953,260.9488525390625,145.22511584758758,254.81190490722657]},{"page":32,"text":"create","rect":[150.45547485351563,260.9488525390625,181.8376494169235,255.3797607421875]},{"page":32,"text":"takserver-net-hardened-\"$(cat","rect":[187.06800842285157,261.7159729003906,338.7485533475876,253.98500061035157]},{"page":32,"text":"tak/version.txt)\"","rect":[343.97894287109377,261.7159729003906,432.8951903104782,253.98500061035157]},{"page":32,"text":"`Ensure in the db-utils/pg_hba.conf fle that there is an entry for the subnet of the hardened takserver network.","rect":[72.0,287.211669921875,541.4119669131974,277.259033203125]},{"page":32,"text":"T` o determine the subnet of the network:","rect":[71.64099884033203,296.78564453125,247.8494838819504,289.6623840332031]},{"page":32,"text":"`docker","rect":[72.0,315.0,103.38218982219697,308.453857421875]},{"page":32,"text":"network","rect":[108.61255645751953,315.0,145.22511584758758,308.453857421875]},{"page":32,"text":"inspect","rect":[150.45547485351563,316.74273681640627,187.06801135540008,308.5136413574219]},{"page":32,"text":"takserver-net-hardened-\"$(cat","rect":[192.29837036132813,315.3579406738281,343.9789000272751,307.6269836425781]},{"page":32,"text":"tak/version.txt)\"","rect":[349.20928955078127,315.3579406738281,438.1255369901657,307.6269836425781]},{"page":32,"text":"`Or to specify the","rect":[72.0,340.4053955078125,145.88263806533815,331.3493957519531]},{"page":32,"text":"`docker network","rect":[72.0,356.27777099609377,145.22511584758758,350.14080810546877]},{"page":32,"text":"subnet on network creation:","rect":[149.21014404296876,339.0,270.68413964366916,331.458984375]},{"page":32,"text":"create takserver-net-hardened-\"$(cat","rect":[150.45547485351563,357.0448913574219,338.7485533475876,349.3139343261719]},{"page":32,"text":"tak/version.txt)\"","rect":[343.97894287109377,357.0448913574219,432.8951903104782,349.3139343261719]},{"page":32,"text":"--subnet=<subnet>","rect":[438.1255798339844,356.27777099609377,527.0417662382126,350.14080810546877]},{"page":32,"text":"4. Build the hardened TAK Database image:","rect":[84.177001953125,382.102294921875,280.85860863780979,372.9267578125]},{"page":32,"text":"d` ocker","rect":[72.0,397.96380615234377,103.38218982219697,391.82684326171877]},{"page":32,"text":"build","rect":[108.61255645751953,397.96380615234377,134.76439197063446,391.82684326171877]},{"page":32,"text":"-t","rect":[139.9947509765625,397.96380615234377,150.45547778606415,392.0]},{"page":32,"text":"tak-database-hardened:\"$(cat","rect":[155.6858367919922,398.7309265136719,302.1360045194626,390.9999694824219]},{"page":32,"text":"tak/version.txt)\"","rect":[307.36639404296877,398.7309265136719,396.2826414823532,390.9999694824219]},{"page":32,"text":"docker/Dockerfile.hardened-takserver-db.","rect":[91.92499542236328,410.6859130859375,306.3698912382126,402.9549560546875]},{"page":32,"text":"-f","rect":[401.5130310058594,397.91400146484377,411.9737730741501,391.76708984375]},{"page":32,"text":"5. Run the hardened TAK Database container:","rect":[84.17699432373047,433.9112243652344,290.0042690382004,426.56878662109377]},{"page":32,"text":"d` ocker","rect":[72.0,451.6058044433594,103.38218982219697,445.4688415527344]},{"page":32,"text":"run","rect":[108.61255645751953,451.6058044433594,124.30365283489228,447.20233154296877]},{"page":32,"text":"--name","rect":[129.53402709960938,451.6058044433594,160.91620166301727,446.0]},{"page":32,"text":"tak-database-hardened-\"$(cat","rect":[166.1465606689453,452.3729248046875,312.5967589139938,444.6419677734375]},{"page":32,"text":"tak/version.txt)\"","rect":[317.8271484375,452.3729248046875,406.74339587688447,444.6419677734375]},{"page":32,"text":"--network","rect":[411.9737854003906,451.6058044433594,459.0470762968063,445.4688415527344]},{"page":32,"text":"takserver-net-hardened-\"$(cat tak/version.txt)\" --network-alias t` ak-database","rect":[91.92499542236328,464.32794189453127,489.4343443632126,456.59698486328127]},{"page":32,"text":"tak-database-hardened:\"$(cat","rect":[91.92499542236328,476.283935546875,238.37518603801727,468.552978515625]},{"page":32,"text":"tak/version.txt)\"","rect":[243.60556030273438,476.283935546875,332.5218077421188,468.552978515625]},{"page":32,"text":"-p","rect":[337.752197265625,477.6687316894531,348.2129393339157,471.0]},{"page":32,"text":"5432:5432","rect":[353.44329833984377,476.0,400.51658923625947,469.26031494140627]},{"page":32,"text":"-d","rect":[494.6647033691406,463.5608215332031,505.1254454374313,457.4238586425781]},{"page":32,"text":"T` AK Server Hardened Container Setup","rect":[72.0,501.2218017578125,271.08264010810856,492.3451232910156]},{"page":32,"text":"1. Build the hardened TAK Server image:","rect":[84.177001953125,519.2733764648438,267.7080043897629,510.0978088378906]},{"page":32,"text":"`docker","rect":[72.0,535.1358032226563,103.38218982219697,528.9988403320313]},{"page":32,"text":"build","rect":[108.61255645751953,535.1358032226563,134.76439197063446,528.9988403320313]},{"page":32,"text":"-t","rect":[139.9947509765625,535.1358032226563,150.45547778606415,529.5667114257813]},{"page":32,"text":"takserver-hardened:\"$(cat","rect":[155.6858367919922,535.9029541015625,286.44493396282197,528.1719360351563]},{"page":32,"text":"tak/version.txt)\"","rect":[291.6753234863281,536.0,380.5915709257126,528.1719360351563]},{"page":32,"text":"docker/Dockerfile.hardened-takserver","rect":[91.92499542236328,547.8579711914063,280.2180662870407,540.126953125]},{"page":32,"text":".","rect":[285.44842529296877,546.0,290.6787901639938,542.0]},{"page":32,"text":"-f","rect":[385.82196044921877,535.0859985351563,396.28270251750947,528.9390869140625]},{"page":32,"text":"2. Run the hardened TAK Server container:","rect":[84.17699432373047,571.0822143554688,276.8536647901535,563.73974609375]},{"page":32,"text":"`docker","rect":[72.0,588.77783203125,103.38218982219697,582.640869140625]},{"page":32,"text":"run","rect":[108.61255645751953,588.77783203125,124.30365283489228,584.3743896484375]},{"page":32,"text":"--name","rect":[129.53402709960938,588.77783203125,160.91620166301727,583.0]},{"page":32,"text":"takserver-hardened-\"$(cat","rect":[166.1465606689453,589.5449829101563,296.9056578397751,581.81396484375]},{"page":32,"text":"tak/version.txt)\"","rect":[302.13604736328127,589.5449829101563,391.0522948026657,581.81396484375]},{"page":32,"text":"--network","rect":[396.2826843261719,588.77783203125,443.3559752225876,582.640869140625]},{"page":32,"text":"takserver-net-hardened-\"$(cat","rect":[91.92499542236328,601.4999389648438,243.60553271770477,593.7689208984375]},{"page":32,"text":"tak/version.txt)\"","rect":[248.83590698242188,601.4999389648438,337.7521544218063,593.7689208984375]},{"page":32,"text":"-p","rect":[342.9825439453125,602.8847045898438,353.4432860136032,596.0]},{"page":32,"text":"8089:8089","rect":[358.67364501953127,601.0,405.74693591594697,594.4862670898438]},{"page":32,"text":"-p","rect":[410.977294921875,602.8847045898438,421.4380064725876,596.0]},{"page":32,"text":"8443:8443","rect":[426.66839599609377,601.0,473.7416563749313,594.4762573242188]},{"page":32,"text":"8444:8444","rect":[91.92499542236328,613.0,138.99827868938446,606.4312744140625]},{"page":32,"text":"-p","rect":[144.22865295410157,614.8397216796875,154.6893797636032,608.0]},{"page":32,"text":"8446:8446","rect":[159.91973876953126,613.0,206.99299914836883,606.4312744140625]},{"page":32,"text":"-t","rect":[212.22335815429688,613.0,222.68410022258758,607.1187133789063]},{"page":32,"text":"-d","rect":[227.91445922851563,613.0,238.3751707792282,606.5508422851563]},{"page":32,"text":"takserver-hardened:\"$(cat","rect":[243.60552978515626,613.4549560546875,374.3646422147751,605.7239379882813]},{"page":32,"text":"tak/version.txt)\"","rect":[379.59503173828127,613.4549560546875,468.5112791776657,605.7239379882813]},{"page":32,"text":"-p","rect":[478.97198486328127,602.8847045898438,489.43272693157197,596.0]},{"page":32,"text":"`Confguring Certifcates","rect":[72.0,638.4624633789063,191.68072126293183,629.4961547851563]},{"page":32,"text":"1. Get the admin certifcate fngerprint","rect":[84.177001953125,656.4453735351563,255.444010433197,647.37939453125]},{"page":32,"text":"docker","rect":[72.0,672.3078002929688,103.38218982219697,666.1708374023438]},{"page":32,"text":"exec","rect":[108.61299133300781,672.3078002929688,129.5344496488571,667.8345947265625]},{"page":32,"text":"-it","rect":[134.76498413085938,673.0,150.45607287883758,666.2306518554688]},{"page":32,"text":"ca-setup-hardened","rect":[155.6864471435547,674.459716796875,244.6026335477829,666.1708374023438]},{"page":32,"text":"bash","rect":[249.83299255371095,673.0,270.7544432401657,666.1708374023438]},{"page":32,"text":"pem","rect":[91.92499542236328,686.4147338867188,107.61609179973603,679.8294677734375]},{"page":32,"text":"-in","rect":[112.84645080566406,684.2130126953125,128.53753955364227,678.1856689453125]},{"page":32,"text":"files/admin.pem","rect":[133.7678985595703,686.4147338867188,212.2233610868454,677.2989501953125]},{"page":32,"text":"|","rect":[217.4537353515625,685.0299682617188,222.68410022258758,677.2989501953125]},{"page":32,"text":"grep","rect":[227.91445922851563,686.4844970703125,248.83592517375946,679.8095703125]},{"page":32,"text":"-oP","rect":[254.0662841796875,684.2628173828125,269.7574034452438,678.1258544921875]},{"page":32,"text":"-c","rect":[275.98480224609377,673.0,286.4455137968063,668.0]},{"page":32,"text":"\"openssl","rect":[291.6759033203125,674.459716796875,333.5188475370407,666.061279296875]},{"page":32,"text":"x509","rect":[338.74920654296877,672.3576049804688,359.6706724882126,666.061279296875]},{"page":32,"text":"-noout","rect":[364.9010314941406,672.3078002929688,396.2832213163376,666.7387084960938]},{"page":32,"text":"’MD5 Fingerprint=\\K.*’\"","rect":[274.9877624511719,686.4844970703125,395.2862120389938,677.2989501953125]},{"page":32,"text":"-fingerprint","rect":[401.51361083984377,674.5294799804688,464.2780028104782,666.111083984375]},{"page":32,"text":"-md5","rect":[469.5083923339844,672.3576049804688,490.4298582792282,666.1708374023438]},{"page":32,"text":"-inform","rect":[495.6602478027344,672.3078002929688,532.2728453397751,666.111083984375]},{"page":32,"text":"2. `Add the certifcate fngerprint as the admin after the hardened TAK server container has started (about","rect":[84.17699432373047,710.5256958007813,539.8131423832224,700.5730590820313]},{"page":32,"text":"60 seconds)","rect":[96.9070053100586,722.480712890625,146.78974407577514,712.528076171875]},{"page":32,"text":"31","rect":[301.0190124511719,750.0972290039063,310.981605052948,743.2529296875]},{"page":33,"text":"docker","rect":[72.0,82.01276397705078,103.38218982219697,75.87580108642578]},{"page":33,"text":"exec","rect":[108.61299133300781,82.01276397705078,129.5344496488571,77.53955841064453]},{"page":33,"text":"-it","rect":[134.76498413085938,82.01276397705078,150.45607287883758,75.93557739257813]},{"page":33,"text":"takserver-hardened-\"$(cat","rect":[155.6864471435547,82.7798843383789,286.4455748319626,75.04890441894531]},{"page":33,"text":"tak/version.txt)\"","rect":[291.67596435546877,82.7798843383789,380.5922117948532,75.04890441894531]},{"page":33,"text":"`bash","rect":[385.8226013183594,82.01276397705078,406.7440672636032,75.87580108642578]},{"page":33,"text":"-c","rect":[411.97442626953127,82.01276397705078,422.43516833782197,77.0]},{"page":33,"text":"’java","rect":[427.66552734375,84.2244644165039,453.81737048625947,75.87580108642578]},{"page":33,"text":"-jar","rect":[459.0477294921875,84.2244644165039,479.9691954374313,75.93557739257813]},{"page":33,"text":"/opt/tak/utils/UserManager.jar","rect":[91.92499542236328,96.18943786621094,248.8359404325485,87.00392150878906]},{"page":33,"text":"usermod","rect":[254.06631469726563,93.96778106689453,290.6788817167282,87.83081817626953]},{"page":33,"text":"-A","rect":[295.90924072265627,93.91796875,306.36998279094697,87.71126556396485]},{"page":33,"text":"-f","rect":[311.6003723144531,93.91796875,322.0611143827438,87.77104187011719]},{"page":33,"text":"<admin","rect":[327.29150390625,93.96778106689453,358.67369372844697,87.83081817626953]},{"page":33,"text":"cert","rect":[363.9040832519531,93.96778106689453,384.82554919719697,88.39868927001953]},{"page":33,"text":"fingerprint>","rect":[390.055908203125,96.18943786621094,452.82030017375947,87.77104187011719]},{"page":33,"text":"admin’","rect":[458.0506896972656,93.96778106689453,489.4328795194626,87.83081817626953]},{"page":33,"text":"U` seful Commands","rect":[72.0,117.92756652832031,163.2972678937912,110.8541259765625]},{"page":33,"text":"To run these commands on the hardened containers, add the -hardened sufx to the container","rect":[70.43199920654297,137.7932891845703,478.3804117231369,128.73728942871095]},{"page":33,"text":"-` View images:","rect":[72.0,155.9654998779297,145.22511584758758,147.6068878173828]},{"page":33,"text":"‘‘‘bash","rect":[72.0,165.69886779785157,108.61255176067353,159.56190490722657]},{"page":33,"text":"d` ocker images takserver","rect":[72.0,179.87547302246095,192.29837329387665,171.51686096191407]},{"page":33,"text":"d` ocker images takserver-db","rect":[72.0,191.8304901123047,207.98945910930633,183.4718780517578]},{"page":33,"text":"‘‘‘","rect":[72.0,197.80789184570313,87.69109637737275,194.7294464111328]},{"page":33,"text":"-` View containers","rect":[72.0,213.53872680664063,160.91620166301727,207.38185119628907]},{"page":33,"text":"A` ll: ’docker ps -a’","rect":[72.0,227.62672424316407,171.3769255399704,219.21829223632813]},{"page":33,"text":"R` unning:","rect":[72.0,239.65147399902345,113.84292132854462,231.29286193847657]},{"page":33,"text":"’docker","rect":[119.07328796386719,238.0,155.6858397245407,231.29286193847657]},{"page":33,"text":"ps’","rect":[160.91619873046876,239.5817413330078,176.60728747844696,233.0]},{"page":33,"text":"S` topped:","rect":[72.0,251.53675842285157,113.84292132854462,243.13829040527345]},{"page":33,"text":"’docker","rect":[119.07328796386719,250.0,155.6858397245407,243.2478790283203]},{"page":33,"text":"ps","rect":[160.91619873046876,251.53675842285157,171.3769255399704,244.0]},{"page":33,"text":"-a","rect":[176.60728454589845,250.0,187.06801135540008,244.0]},{"page":33,"text":"-` Exec into container","rect":[72.0,261.33978271484377,181.8376494169235,255.2028350830078]},{"page":33,"text":"|","rect":[192.29837036132813,250.15196228027345,197.5287352323532,242.4209747314453]},{"page":33,"text":"grep","rect":[202.75909423828126,251.6064910888672,223.680544924736,244.0]},{"page":33,"text":"Exit’","rect":[228.91090393066407,250.0,255.0627165555954,243.2478790283203]},{"page":33,"text":"‘‘‘bash","rect":[72.0,273.2947998046875,108.61255176067353,267.1578369140625]},{"page":33,"text":"`docker","rect":[72.0,285.25079345703127,103.38218982219697,279.11383056640627]},{"page":33,"text":"exec","rect":[108.61255645751953,285.0,129.53401477336883,280.0]},{"page":33,"text":"-it","rect":[134.76438903808595,285.25079345703127,150.45547778606415,279.1736145019531]},{"page":33,"text":"takserver-\"$(cat","rect":[155.6858367919922,286.0179138183594,239.3716307401657,278.2869567871094]},{"page":33,"text":"tak/version.txt)\"","rect":[244.60198974609376,286.0179138183594,333.5181456327438,278.2869567871094]},{"page":33,"text":"bash","rect":[338.74853515625,285.25079345703127,359.67003161907197,279.11383056640627]},{"page":33,"text":"`docker","rect":[72.0,297.205810546875,103.38218982219697,291.06884765625]},{"page":33,"text":"exec","rect":[108.61255645751953,297.205810546875,129.53401477336883,292.7724609375]},{"page":33,"text":"-it","rect":[134.76438903808595,297.205810546875,150.45547778606415,291.1286315917969]},{"page":33,"text":"takserver-db-\"$(cat","rect":[155.6858367919922,297.9729309082031,255.0627165555954,290.2419738769531]},{"page":33,"text":"tak/version.txt)\"","rect":[260.2930908203125,297.9729309082031,349.2092772245407,290.2419738769531]},{"page":33,"text":"bash","rect":[354.4396667480469,297.205810546875,375.3611632108688,291.06884765625]},{"page":33,"text":"‘‘‘","rect":[72.0,305.4049377441406,87.69109637737275,302.32647705078127]},{"page":33,"text":"`- Exec command in container","rect":[72.0,321.1158142089844,213.2198210477829,314.9788513183594]},{"page":33,"text":"‘‘‘bash","rect":[72.0,333.07080078125,108.61255176067353,326.933837890625]},{"page":33,"text":"`docker","rect":[72.0,345.02581787109377,103.38218982219697,338.88885498046877]},{"page":33,"text":"exec","rect":[108.61255645751953,345.02581787109377,129.53401477336883,340.59246826171877]},{"page":33,"text":"-it","rect":[134.76438903808595,345.02581787109377,150.45547778606415,338.9486389160156]},{"page":33,"text":"takserver-\"$(cat","rect":[155.6858367919922,345.7929382324219,239.3716307401657,338.0619812011719]},{"page":33,"text":"tak/version.txt)\"","rect":[244.60198974609376,345.7929382324219,333.5181456327438,338.0619812011719]},{"page":33,"text":"bash","rect":[338.74853515625,345.02581787109377,359.67003161907197,338.88885498046877]},{"page":33,"text":"-c","rect":[364.9004211425781,345.02581787109377,375.3611632108688,340.0]},{"page":33,"text":"d` ocker","rect":[72.0,356.9818115234375,103.38218982219697,350.8448486328125]},{"page":33,"text":"exec","rect":[108.61255645751953,356.9818115234375,129.53401477336883,352.5484619140625]},{"page":33,"text":"-it","rect":[134.76438903808595,356.9818115234375,150.45547778606415,350.9046325683594]},{"page":33,"text":"takserver-db-\"$(cat","rect":[155.6858367919922,357.7489318847656,255.0627165555954,350.0179748535156]},{"page":33,"text":"tak/version.txt)\"","rect":[260.2930908203125,357.7489318847656,349.2092772245407,350.0179748535156]},{"page":33,"text":"bash","rect":[354.4396667480469,356.9818115234375,375.3611632108688,350.8448486328125]},{"page":33,"text":"‘‘‘","rect":[72.0,365.180908203125,87.69109637737275,362.10247802734377]},{"page":33,"text":"\"<command>\"","rect":[385.8218994140625,345.02581787109377,443.3560362577438,338.88885498046877]},{"page":33,"text":"-c \"<command>\"","rect":[380.591552734375,356.9818115234375,459.0471678495407,350.8448486328125]},{"page":33,"text":"`-","rect":[72.0,382.0,77.23036487102509,376.0]},{"page":33,"text":"Tail","rect":[82.46073150634766,382.0,103.38218982219697,374.7548522949219]},{"page":33,"text":"takserver","rect":[108.61255645751953,382.0,155.6858397245407,374.7548522949219]},{"page":33,"text":"logs","rect":[160.91619873046876,383.1134948730469,181.8376494169235,374.7548522949219]},{"page":33,"text":"‘‘‘bash","rect":[72.0,392.8468017578125,108.61255176067353,386.7098388671875]},{"page":33,"text":"`tail -f tak/logs/takserver-messaging.log","rect":[72.0,407.0234680175781,281.2145262479782,397.83795166015627]},{"page":33,"text":"t` ail -f tak/logs/takserver-api.log","rect":[72.0,418.9784851074219,249.83235461711883,409.79296875]},{"page":33,"text":"‘‘‘","rect":[72.0,424.9569396972656,87.69109637737275,421.87847900390627]},{"page":33,"text":"`- Restart","rect":[72.0,440.7176513671875,119.07329089641572,434.5308532714844]},{"page":33,"text":"TAK server","rect":[129.53402709960938,440.6678161621094,181.8376494169235,434.41131591796877]},{"page":33,"text":"‘‘‘bash","rect":[72.0,452.6228332519531,108.61255176067353,446.4858703613281]},{"page":33,"text":"`docker exec -d takserver-\"$(cat","rect":[72.0,465.34490966796877,234.14126880168915,457.61395263671877]},{"page":33,"text":"./configureInDocker.sh\"","rect":[91.92499542236328,478.7544860839844,212.22337634563446,469.5689697265625]},{"page":33,"text":"‘‘‘","rect":[72.0,484.7319030761719,87.69109637737275,481.6534423828125]},{"page":33,"text":"tak/version.txt)\"","rect":[239.3716278076172,465.34490966796877,328.2877989530563,457.61395263671877]},{"page":33,"text":"bash","rect":[333.5181579589844,465.0,354.4396544218063,458.4408264160156]},{"page":33,"text":"-c","rect":[359.6700439453125,465.0,370.1307860136032,459.0]},{"page":33,"text":"\"cd","rect":[375.3611755371094,465.0,391.0522948026657,458.4408264160156]},{"page":33,"text":"/opt/tak/","rect":[396.2826843261719,466.7297058105469,443.35606677532197,457.61395263671877]},{"page":33,"text":"&&","rect":[448.5864562988281,464.62762451171877,459.0471983671188,458.33123779296877]},{"page":33,"text":"-`","rect":[72.0,501.0,77.23036487102509,495.0]},{"page":33,"text":"Start/Stop","rect":[82.46073150634766,502.595703125,134.76439197063446,493.4799499511719]},{"page":33,"text":"container:","rect":[139.9947509765625,501.0,192.29837329387665,494.3666076660156]},{"page":33,"text":"‘‘‘bash","rect":[72.0,512.3988037109375,108.61255176067353,506.2618408203125]},{"page":33,"text":"`docker","rect":[72.0,525.0,103.38218982219697,518.216796875]},{"page":33,"text":"`docker","rect":[72.0,537.0,103.38218982219697,530.171875]},{"page":33,"text":"‘‘‘","rect":[72.0,544.5078735351563,87.69109637737275,541.429443359375]},{"page":33,"text":"<start/stop>","rect":[108.61255645751953,526.5056762695313,171.3769255399704,517.389892578125]},{"page":33,"text":"<start/stop>","rect":[108.61255645751953,538.4607543945313,171.3769255399704,529.344970703125]},{"page":33,"text":"takserver-\"$(cat","rect":[176.60728454589845,525.1209106445313,260.29307849407197,517.389892578125]},{"page":33,"text":"tak/version.txt)\"","rect":[265.5234375,525.1209106445313,354.4396544218063,517.389892578125]},{"page":33,"text":"takserver-db-\"$(cat tak/version.txt)\"","rect":[176.60728454589845,537.0759887695313,370.1307860136032,529.344970703125]},{"page":33,"text":"`- Remove container:","rect":[72.0,560.2686157226563,171.3769255399704,554.0818481445313]},{"page":33,"text":"‘‘‘bash","rect":[72.0,572.1748046875,108.61255176067353,566.037841796875]},{"page":33,"text":"`docker","rect":[72.0,584.1298217773438,103.38218982219697,577.9928588867188]},{"page":33,"text":"rm","rect":[108.61255645751953,584.0800170898438,119.07329089641572,579.7263793945313]},{"page":33,"text":"-f","rect":[124.30364990234375,584.0800170898438,134.76439197063446,577.93310546875]},{"page":33,"text":"takserver-\"$(cat","rect":[139.9947509765625,584.89697265625,223.680544924736,577.1659545898438]},{"page":33,"text":"tak/version.txt)\"","rect":[228.91090393066407,584.89697265625,317.8270445585251,577.1659545898438]},{"page":33,"text":"d` ocker","rect":[72.0,596.0848388671875,103.38218982219697,589.9478759765625]},{"page":33,"text":"rm","rect":[108.61255645751953,596.0350341796875,119.07329089641572,591.681396484375]},{"page":33,"text":"-f","rect":[124.30364990234375,596.0350341796875,134.76439197063446,589.8881225585938]},{"page":33,"text":"takserver-db-\"$(cat","rect":[139.9947509765625,596.8519897460938,239.3716307401657,589.1209716796875]},{"page":33,"text":"tak/version.txt)\"","rect":[244.60198974609376,596.8519897460938,333.5181456327438,589.1209716796875]},{"page":33,"text":"‘‘‘","rect":[72.0,604.2838745117188,87.69109637737275,601.2054443359375]},{"page":33,"text":"names.","rect":[481.947021484375,136.0,512.472383649826,130.0]},{"page":33,"text":"7` Confgure System Firewall","rect":[72.0,649.7822875976563,283.03259398651127,636.8706665039063]},{"page":33,"text":"`7.1 Overview","rect":[72.0,670.8585205078125,157.7068291015625,662.3822631835938]},{"page":33,"text":"O` ne of the most common problems people have is the system default frewall blocking their trafc.","rect":[72.0,691.1583862304688,502.2946743116379,682.0924072265625]},{"page":33,"text":"The full procedure for confguring the frewall is complex and beyond the scope of this guide, and is an","rect":[71.64099884033203,709.0913696289063,539.5636557404663,700.025390625]},{"page":33,"text":"i` mportant concern for system confguration.","rect":[72.0,721.04638671875,272.02583141710968,711.9804077148438]},{"page":33,"text":"Consult your network administrator and/or the frewalld","rect":[280.1553039550781,721.4847412109375,539.5569418732788,711.5321044921875]},{"page":33,"text":"32","rect":[301.0190124511719,750.0972290039063,310.981605052948,743.2529296875]},{"page":34,"text":"d` ocumentation at https://fedoraproject.org/wiki/FirewallD.","rect":[72.0,84.44364166259766,334.514431391716,74.49100494384766]},{"page":34,"text":"T` he following tips will get you started for lab/feld environments.","rect":[71.64099884033203,102.37564849853516,357.18902245616916,92.42301177978516]},{"page":34,"text":"`7.2 RHEL, Rocky Linux, and CentOS","rect":[72.0,130.16302490234376,303.01036071777346,119.439208984375]},{"page":34,"text":"`To verify whether a frewall is running, use the command:","rect":[71.64099884033203,148.21524047851563,324.00359765148166,139.14927673339845]},{"page":34,"text":"`sudo","rect":[72.0,165.0,92.9214583158493,158.01881408691407]},{"page":34,"text":"systemctl","rect":[98.15182495117188,166.36746215820313,145.22511584758758,158.01881408691407]},{"page":34,"text":"status","rect":[150.45547485351563,165.0,181.8376494169235,158.586669921875]},{"page":34,"text":"firewalld.service","rect":[192.29837036132813,165.0,281.2145567655563,157.9590301513672]},{"page":34,"text":"`To see what zones are running","rect":[71.64099884033203,190.05825805664063,204.26312971115113,181.1018829345703]},{"page":34,"text":"s` udo","rect":[72.0,207.0,92.9214583158493,199.8618927001953]},{"page":34,"text":"firewall-cmd","rect":[98.15182495117188,207.0,160.91620166301727,199.80210876464845]},{"page":34,"text":"--get-active-zones","rect":[166.1465606689453,208.2205047607422,260.29307849407197,199.92166137695313]},{"page":34,"text":"I` f you are working from a fresh OS install, the only active zone is ‘public’.","rect":[72.0,231.90133666992188,394.06100121593479,222.8353729248047]},{"page":34,"text":"`For each each zone, you’ll want to enable TCP (and possibly UDP) ports for the inputs in your CoreConfg.xml","rect":[72.0,250.27267456054688,539.5569254092911,240.32003784179688]},{"page":34,"text":"`fle, plus the web server’s port. For example,","rect":[72.0,261.6697998046875,266.73894921398166,252.72337341308595]},{"page":34,"text":"`sudo","rect":[72.0,278.0,92.9214583158493,271.59283447265627]},{"page":34,"text":"`sudo","rect":[72.0,290.0,92.9214583158493,283.5478515625]},{"page":34,"text":"firewall-cmd","rect":[98.15182495117188,278.0,160.91620166301727,271.5330810546875]},{"page":34,"text":"firewall-cmd","rect":[98.15182495117188,290.0,160.91620166301727,283.48809814453127]},{"page":34,"text":"--zone=public","rect":[166.1465606689453,279.8817138671875,234.14126880168915,271.59283447265627]},{"page":34,"text":"--zone=public","rect":[166.1465606689453,291.83673095703127,234.14126880168915,283.5478515625]},{"page":34,"text":"--add-port","rect":[239.3716278076172,279.8817138671875,291.6752501249313,271.59283447265627]},{"page":34,"text":"--add-port","rect":[239.3716278076172,291.83673095703127,291.6752501249313,283.5478515625]},{"page":34,"text":"8089/tcp","rect":[296.9056091308594,279.8817138671875,338.74852283000947,270.7659606933594]},{"page":34,"text":"8443/tcp","rect":[296.9056091308594,291.83673095703127,338.74852283000947,282.7209777832031]},{"page":34,"text":"-permanent","rect":[343.9789123535156,279.8817138671875,396.2826719999313,272.0]},{"page":34,"text":"--permanent","rect":[343.9789123535156,291.83673095703127,401.51304919719697,284.0]},{"page":34,"text":"T` he ports you’ll need to open for the default confguration are 8089 and 8443.","rect":[71.64099884033203,315.58734130859377,412.4713405714035,306.5213928222656]},{"page":34,"text":"`Finally, enable your new frewall rules:","rect":[72.0,333.5104064941406,239.79009667491915,324.45440673828127]},{"page":34,"text":"`sudo","rect":[72.0,349.4608154296875,92.9214583158493,343.3238525390625]},{"page":34,"text":"firewall-cmd","rect":[98.15182495117188,349.4608154296875,160.91620166301727,343.26409912109377]},{"page":34,"text":"-reload","rect":[166.1465606689453,349.4608154296875,202.75909717082977,343.3238525390625]},{"page":34,"text":"`7.3 Ubuntu and Raspberry Pi","rect":[72.0,385.6560974121094,256.8871727294922,374.9801025390625]},{"page":34,"text":"`UFW (Uncomplicated Firewall) is a utility for managing frewalls. If","rect":[72.0,404.1466979980469,371.8450374217091,394.1940612792969]},{"page":34,"text":"w` ith the following:","rect":[71.64099884033203,415.663330078125,152.9158901319504,406.5973815917969]},{"page":34,"text":"s` udo apt install ufw","rect":[72.0,433.7557067871094,176.60728747844696,425.4070739746094]},{"page":34,"text":"I` MPORTANT: Raspberry Pi installs, please reboot your device after","rect":[72.0,457.4963684082031,372.0535491113663,448.3307800292969]},{"page":34,"text":"`To check the status of the frewall service with current port rules:","rect":[71.64099884033203,475.3197937011719,357.57760277843479,466.3733825683594]},{"page":34,"text":"s` udo ufw status","rect":[72.0,491.3797912597656,150.45547778606415,485.1830749511719]},{"page":34,"text":"P` erform the following commands to set initial rules for your frewall:","rect":[72.0,517.2823486328125,371.047390376091,508.21636962890627]},{"page":34,"text":"`sudo ufw default deny incoming","rect":[72.0,535.4445190429688,228.91090686321258,527.026123046875]},{"page":34,"text":"`sudo ufw default allow outgoing","rect":[72.0,547.3994750976563,234.14126880168915,538.9810791015625]},{"page":34,"text":"`sudo ufw allow ssh","rect":[72.0,557.1328125,166.14656360149383,550.9360961914063]},{"page":34,"text":"T` urn on the frewall:","rect":[71.64099884033203,581.0926513671875,161.26455346202853,573.9694213867188]},{"page":34,"text":"s` udo ufw enable","rect":[72.0,598.975830078125,150.45518786907196,592.7791137695313]},{"page":34,"text":"`Add default confguration TAK Server ports:","rect":[71.62100219726563,624.8793334960938,267.5355190382004,615.7037353515625]},{"page":34,"text":"s` udo ufw allow 8089","rect":[72.0,640.8685913085938,171.3769255399704,634.572265625]},{"page":34,"text":"`sudo ufw allow 8443","rect":[72.0,652.8236083984375,171.3769255399704,646.5172729492188]},{"page":34,"text":"is not installed","rect":[375.15594482421877,403.0,439.4390692399005,394.7519836425781]},{"page":34,"text":"installing ufw.","rect":[375.3810729980469,457.5063171386719,437.0694851026535,448.44036865234377]},{"page":34,"text":"on","rect":[442.7598876953125,403.0,453.2809576676349,396.0]},{"page":34,"text":"your","rect":[456.601806640625,403.6983947753906,475.99839315622946,396.0]},{"page":34,"text":"server.","rect":[479.3192443847656,403.0,507.6413977037748,396.0]},{"page":34,"text":"Install","rect":[512.0592041015625,403.0,539.503732908853,394.7519836425781]},{"page":34,"text":"33","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":35,"text":"8` Software Installation Location","rect":[72.0,82.12075805664063,308.6835685968399,71.92060852050781]},{"page":35,"text":"The RPM installer places the TAK server software and confguration in the directory /opt/tak. It creates","rect":[71.64099884033203,106.2636489868164,539.5452394030104,96.3110122680664]},{"page":35,"text":"`a user named tak who is the owner of the fles in that directory tree. Always use this tak user when","rect":[72.0,117.7713851928711,539.8889009433339,108.71537780761719]},{"page":35,"text":"`editing CoreConfg.xml or generating certifcates. You can become the tak user by entering:","rect":[72.0,129.68655395507813,535.5995781106949,120.72021484375]},{"page":35,"text":"`sudo su tak","rect":[72.0,145.3147735595703,129.53401477336883,139.1778106689453]},{"page":35,"text":"9` Confguration","rect":[72.0,186.5402069091797,193.06758654117585,173.6286163330078]},{"page":35,"text":"`9.1 Overview","rect":[72.0,207.61648559570313,157.7068291015625,199.1402587890625]},{"page":35,"text":"C` onfguration is primarily done through the web interface. Changes made in the interface will be refected in","rect":[72.0,227.91635131835938,539.5259939241457,218.8503875732422]},{"page":35,"text":"`the /opt/tak/CoreConfg.xml fle. If that fle does not exist (e.g. on a fresh install), then when TAK Server","rect":[72.0,240.30972290039063,539.7331669059269,230.35708618164063]},{"page":35,"text":"s` tarts up it will copy /opt/tak/CoreConfg.example.xml. The example has many commented out options.","rect":[72.0,252.26467895507813,541.5080091514847,242.31204223632813]},{"page":35,"text":"`Notable confguration options:","rect":[72.0,263.7823181152344,203.9645961866379,254.7163543701172]},{"page":35,"text":"•","rect":[84.1760025024414,278.80523681640627,91.91694251155853,275.93603515625]},{"page":35,"text":"•","rect":[84.17601013183594,362.49224853515627,91.91695014095306,359.623046875]},{"page":35,"text":"•","rect":[84.17601013183594,374.4472351074219,91.91695014095306,371.5780334472656]},{"page":35,"text":"inputs: In the <network> section there are a series of <input> elements. These defne ports the server","rect":[96.9070053100586,281.59478759765627,539.7235969778515,272.64837646484377]},{"page":35,"text":"w` ill listen on. Protocol options are as follows:","rect":[96.54800415039063,293.55078125,295.74020043468479,284.6043701171875]},{"page":35,"text":"– udp: standard CoT udp protocol; unencrypted","rect":[108.11500549316406,305.6153564453125,322.44959198474887,296.5593566894531]},{"page":35,"text":"– mcast: like udp, but has additional confguration option for multicast group","rect":[108.11500549316406,317.580322265625,450.2696298265457,308.5143737792969]},{"page":35,"text":"– tcp: publish-only port; standard CoT tcp protocol; unencrypted","rect":[108.11500549316406,329.5253601074219,398.2549508714676,320.4693603515625]},{"page":35,"text":"– stcp: streaming/bi-directional; this is for ATAK to connect to. Unencrypted, for testing only","rect":[108.11500549316406,341.9286804199219,524.2321015939713,331.9760437011719]},{"page":35,"text":"– tls: TCP+TLS streaming/bi-directional for encrypted communication with TAK clients","rect":[108.11500549316406,353.8836669921875,501.99545473289489,343.9310302734375]},{"page":35,"text":"<auth> : you can use either a fat fle or an LDAP backend for group fltering support","rect":[95.35200500488281,365.4013366699219,475.3852640953064,356.2257995605469]},{"page":35,"text":"<security>: here you specify the keystore fles to use for the secure port(s)","rect":[95.35200500488281,377.794677734375,423.1912943687439,367.842041015625]},{"page":35,"text":"9` .2 Confguring Security Through Web UI (Certifcates/TLS)","rect":[72.00000762939453,406.0347900390625,443.59148791503909,394.07958984375]},{"page":35,"text":"`Security Confguration Web interface","rect":[72.0,544.3634643554688,258.8983766183853,535.3971557617188]},{"page":35,"text":"S` ecurity and authentication options for TAK Server can be set up using a web interface. To access this page","rect":[72.0,562.3463745117188,539.5510419724914,553.1707763671875]},{"page":35,"text":"`in the menu bar go to Confguration > Manage Security and Authentication Confguration. This page will","rect":[72.0,574.3013916015625,539.5837542408849,565.1257934570313]},{"page":35,"text":"c` ontain both Security and Authentication confguration current values. To modify the Security Confguration","rect":[72.0,586.25634765625,539.5177792055939,577.0807495117188]},{"page":35,"text":"`click “Edit Security”. This will allow changes to the server’s certifcates, the version of TLS used, x509 Groups","rect":[72.0,598.2113647460938,539.4983704201368,589.1453857421875]},{"page":35,"text":"s` ettings and x509 Add Anonymous settings.","rect":[72.0,610.1673583984375,263.61065331554416,600.9917602539063]},{"page":35,"text":"Note: Changes made here will only take efect after a server restart.","rect":[71.44000244140625,628.08935546875,368.6641255931854,619.0333862304688]},{"page":35,"text":"`9.3 Group Filtering","rect":[72.0,656.1810302734375,195.49721911621095,645.4452514648438]},{"page":35,"text":"T` AK Server has the ability to segment users so they only see a subset of the other users on the system. This","rect":[71.64099884033203,674.2213745117188,539.5358228984519,665.0457763671875]},{"page":35,"text":"`is achieved by assigning groups to individual connections. If ATAK-A shares common group membership in","rect":[72.0,686.1773681640625,539.5861914022648,677.0017700195313]},{"page":35,"text":"a` t least one group with ATAK-B, they share data with each other. If not otherwise specifed, all connections","rect":[72.0,698.13232421875,539.5537443607311,688.9567260742188]},{"page":35,"text":"`default to being in the special “ANON” group (note 2 underscores as prefx and postfx). There are three","rect":[72.0,710.5256958007813,539.7266682407201,700.5730590820313]},{"page":35,"text":"w` ays to assign groups to a connection:","rect":[71.64099884033203,722.0423583984375,239.18203393077853,713.45458984375]},{"page":35,"text":"34","rect":[301.0190124511719,750.0972290039063,310.981605052948,743.143310546875]},{"page":36,"text":"• `Assigning <fltergroup> elements to <inputs>: this is simple, but provides no access control if you","rect":[84.17599487304688,84.00528717041016,539.5238608185913,74.82972717285156]},{"page":36,"text":"have multiple ports confgured on the same server.","rect":[96.9070053100586,95.9603042602539,316.97088280773166,86.89433288574219]},{"page":36,"text":"• `Active Directory / LDAP / Flat fle with additional authentication message","rect":[84.1760025024414,108.35367584228516,427.7644587440491,98.40103912353516]},{"page":36,"text":"• `Active Directory / LDAP / Flat fle without additional authentication messages (uses certifcate-based","rect":[84.1760025024414,120.3086929321289,539.5477560391253,110.3560562133789]},{"page":36,"text":"identifcation)","rect":[96.9070053100586,132.26364135742188,157.42978924179077,122.3110122680664]},{"page":36,"text":"D` etails on the three options:","rect":[72.00000762939453,149.6387176513672,196.39303246593478,140.80189514160157]},{"page":36,"text":"9` .4 Group Assignment by Input","rect":[72.00000762939453,177.99497985839845,268.95000842285159,167.2353057861328]},{"page":36,"text":"<inputs> can drive group fltering, even without authentication messages. Version 1.3.0 added group fltering","rect":[70.44599914550781,196.03634643554688,539.5162564941654,186.9703826904297]},{"page":36,"text":"b` ased on LDAP groups. This necessitated a new authentication message from ATAK. This worked for the","rect":[72.0,207.99136352539063,539.601783465086,198.81581115722657]},{"page":36,"text":"`streaming connections, but wouldn’t work for the connection-less UDP trafc.","rect":[72.0,219.94631958007813,412.10323754405979,210.88035583496095]},{"page":36,"text":"W ` e added an additional confguration option for inputs to allow the connection-less trafc to be routed","rect":[71.49199676513672,237.87936401367188,539.56701267406,228.8134002685547]},{"page":36,"text":"`according to the group fltering. An input defnition like this:","rect":[72.0,249.83432006835938,339.44601098155979,240.6587677001953]},{"page":36,"text":"<input","rect":[87.69099426269531,267.92669677734377,119.07318408489228,259.6976013183594]},{"page":36,"text":"_name=\"stdudp\"","rect":[124.30355072021485,267.92669677734377,197.5286589384079,259.5282287597656]},{"page":36,"text":"protocol=\"udp\"","rect":[202.75901794433595,267.92669677734377,275.98411853313447,259.5282287597656]},{"page":36,"text":"<filtergroup>TEST1</filtergroup>","rect":[98.1520004272461,279.95147705078127,265.5236387968063,270.7659606933594]},{"page":36,"text":"</input>","rect":[87.69099426269531,291.83673095703127,129.53391559123993,282.7209777832031]},{"page":36,"text":"port=\"8087\">","rect":[281.2145080566406,267.92669677734377,343.9789000272751,259.4784240722656]},{"page":36,"text":"w` ould have the efect of making every CoT event that came into the ‘stdudp’ input be associated with the","rect":[71.64099884033203,315.58734130859377,539.543465821121,306.5213928222656]},{"page":36,"text":"“TEST1” group instead of the anonymous group. If there is no fltergroup specifed, the default is the old","rect":[70.58499908447266,327.5423278808594,539.5614221376584,318.47637939453127]},{"page":36,"text":"`behavior, which is a special anonymous group. The anonymous group has a name “__ANON__” that","rect":[72.0,339.4983215332031,539.9531743816092,330.3227844238281]},{"page":36,"text":"c` an be used to explicitly add it back in if needed. The fltergroup option can be used with the streaming","rect":[72.0,351.4533386230469,539.5162285140743,342.38739013671877]},{"page":36,"text":"i` nput protocols as well (stcp, tls), the efect of which is that any subscriptions made by connecting to that","rect":[72.0,363.8466796875,539.7618501511499,353.89404296875]},{"page":36,"text":"`port inherit the flter group from the input. <fltergroup> cannot be used in conjunction with the “auth”","rect":[72.0,375.3633117675781,541.3885518629497,366.29736328125]},{"page":36,"text":"a` ttribute on the same input. You can however use them on separate inputs, for example:","rect":[72.0,387.19879150390627,459.9436000928879,378.25238037109377]},{"page":36,"text":"<input","rect":[87.69099426269531,405.41070556640627,119.07318408489228,397.1816101074219]},{"page":36,"text":"_name=\"stdudp\"","rect":[124.30355072021485,405.41070556640627,197.5286589384079,397.0122375488281]},{"page":36,"text":"protocol=\"udp\"","rect":[202.75901794433595,405.41070556640627,275.98411853313447,397.0122375488281]},{"page":36,"text":"port=\"8087\">","rect":[281.2145080566406,405.41070556640627,343.9789000272751,396.9624328613281]},{"page":36,"text":"<filtergroup>CN=TAK1,DC=...</filtergroup>","rect":[98.1520004272461,417.43548583984377,312.5968809843063,408.2499694824219]},{"page":36,"text":"</input>","rect":[87.69099426269531,429.32073974609377,129.53391559123993,420.2049865722656]},{"page":36,"text":"<input","rect":[87.69099426269531,441.2767333984375,119.07318408489228,433.0476379394531]},{"page":36,"text":"_name=\"sec\"","rect":[124.30355072021485,440.0,181.8375731229782,432.8782653808594]},{"page":36,"text":"protocol=\"tls\"","rect":[187.06793212890626,441.2767333984375,260.2930479764938,432.8782653808594]},{"page":36,"text":"port=\"8089\"","rect":[265.5234375,441.2767333984375,323.0574522733688,432.8782653808594]},{"page":36,"text":"auth=\"ldap\"","rect":[328.287841796875,441.2767333984375,385.8218565702438,432.8782653808594]},{"page":36,"text":"/>","rect":[391.05224609375,439.8919372558594,401.5129881620407,432.1609802246094]},{"page":36,"text":"Note that when trying to interact with LDAP groups, you need to use the fully qualifed group name that","rect":[71.44000244140625,465.0173645019531,539.7183392099079,455.8517761230469]},{"page":36,"text":"LDAP/ActiveDirectory reports.","rect":[71.45999908447266,477.4206848144531,207.66864219474793,467.4680480957031]},{"page":36,"text":"9` .4.1 Input Confguration UI","rect":[72.0,502.8285217285156,224.4476973991394,493.8621826171875]},{"page":36,"text":"I` nputs can be dynamically added, modifed and deleted in the TAK Server user interface, under the menu","rect":[72.0,521.25732421875,539.5294314735394,512.0917358398438]},{"page":36,"text":"heading Confguration → Input Defnitions. The UI also shows activity for each input, in terms of","rect":[72.0,533.222412109375,539.7675776162416,524.1564331054688]},{"page":36,"text":"`number of reads and messages. For the streaming protocols (stcp, tls), the activity is the sum for all","rect":[72.0,545.61572265625,539.5366346397659,535.6630859375]},{"page":36,"text":"`connections made using that particular input port.","rect":[72.0,557.1333618164063,293.627956782341,548.1769409179688]},{"page":36,"text":"`9.5 Group Assignment Using Authentication Messages","rect":[72.0,585.3700561523438,402.0831104736328,574.6103515625]},{"page":36,"text":"`If ATAK or another TAK client is confgured to send an authentication message after establishing a connection","rect":[72.0,603.4103393554688,539.5665462954377,594.2347412109375]},{"page":36,"text":"`to TAK Server, the username and password credentials contained in that message will be used, in conjunction","rect":[72.0,615.3653564453125,539.5373104555939,606.1897583007813]},{"page":36,"text":"w` ith an authentication backend, to determine the group membership of a user. TAK Server will then flter","rect":[71.64099884033203,627.3203735351563,539.715990137362,618.144775390625]},{"page":36,"text":"`messages according to common group membership, in a similar fashion to fltering confgured by <fltergroups>","rect":[72.0,639.2763671875,541.1190193058003,630.2103881835938]},{"page":36,"text":"f` or a given <input>.","rect":[72.0,651.2313232421875,162.97845116710665,642.1653442382813]},{"page":36,"text":"TAK Server can be confgured at the input level to expect authentication messages with each new client","rect":[71.64099884033203,669.1643676757813,539.8076055339529,659.98876953125]},{"page":36,"text":"c` onnection. If the authentication message is not sent, or is invalid, the client will be disconnected. The “auth”","rect":[72.0,681.119384765625,541.3728876343984,672.0534057617188]},{"page":36,"text":"`attribute on the input indicates which authentication strategy will be used when processing authentication","rect":[72.0,693.0743408203125,539.4743942183312,684.117919921875]},{"page":36,"text":"`messages. A value of “fle” tells TAK Server to validate authentication credentials using the fat-fle backend.","rect":[72.0,705.0293579101563,541.4517660772606,695.853759765625]},{"page":36,"text":"A` value of “ldap” indicates that an Active Directory or LDAP server should be used to validate the credentials.","rect":[71.6209945678711,716.974365234375,541.4528604678849,707.8087768554688]},{"page":36,"text":"35","rect":[301.0190124511719,750.0972290039063,310.981605052948,743.2529296875]},{"page":37,"text":"F` or example, this input defnition specifes streaming TCP, encrypted with TLS, authenticating the user with","rect":[72.0,84.00528717041016,539.4884823305939,74.93931579589844]},{"page":37,"text":"a` client certifcate and also requiring an authentication message, and using the LDAP authentication backend:","rect":[72.0,95.9603042602539,540.9041544131974,86.78474426269531]},{"page":37,"text":"<input","rect":[82.46099853515625,114.05281066894531,113.84318835735322,105.82369995117188]},{"page":37,"text":"_name=\"ldapssl\"","rect":[119.07355499267578,114.05281066894531,197.52904040813446,105.65433502197266]},{"page":37,"text":"protocol=\"tls\"","rect":[202.7593994140625,114.05281066894531,275.9845152616501,105.65433502197266]},{"page":37,"text":"port=\"8091\"","rect":[281.21490478515627,114.05281066894531,338.7489195585251,105.65433502197266]},{"page":37,"text":"auth=\"ldap\"/>","rect":[349.20965576171877,114.05281066894531,417.2044249296188,104.93702697753906]},{"page":37,"text":"9` .6 Group Assignment using Client Certifcates","rect":[72.0,148.1071014404297,359.8215137939453,137.34742736816407]},{"page":37,"text":"`TAK Server can be confgured to use only the information contained in a client certifcate, when looking up","rect":[71.64099884033203,166.14828491210938,539.5442602499211,156.9727325439453]},{"page":37,"text":"g` roup membership for a user. In this case, the TAK client is confgured to use TLS and a client certifcate","rect":[72.0,178.10330200195313,539.5507290047148,168.92774963378907]},{"page":37,"text":"`when connecting to TAK server, but does not send an authentication message. This eliminates the requirement","rect":[71.64099884033203,190.05825805664063,539.7934280277536,180.88270568847657]},{"page":37,"text":"`to cache credentials on the device, or enter credentials prior to establishment of each new connection. TAK","rect":[72.0,201.89378356933595,539.9033041492382,192.83778381347657]},{"page":37,"text":"`Server will then flter messages according to common group membership, in a similar fashion to input-level","rect":[72.0,213.96829223632813,539.5384269227458,204.90232849121095]},{"page":37,"text":"f` ltering with flter groups. When analyzing the X.509 client certifcate presented by the TAK client, TAK","rect":[72.0,225.92434692382813,539.8924247660801,216.74879455566407]},{"page":37,"text":"S` erver will look at the DN attribute in the certifcate, extract the CN value from the DN (if present). The","rect":[72.0,238.31771850585938,539.4891770247781,228.36508178710938]},{"page":37,"text":"`CN is regarded as the username, and is used to look up group membership in authentication backends. For","rect":[72.0,249.83432006835938,539.7638566658732,240.7683563232422]},{"page":37,"text":"`example, consider this DN in a client certifcate:","rect":[72.0,261.6697998046875,282.3802456007004,252.72337341308595]},{"page":37,"text":"`CN=jkirk,","rect":[72.0,279.9414978027344,119.07329089641572,271.4832458496094]},{"page":37,"text":"O=TAK,","rect":[124.30364990234375,278.0,155.6858397245407,271.4732971191406]},{"page":37,"text":"C=US","rect":[160.91619873046876,278.0,181.8376494169235,271.4832458496094]},{"page":37,"text":"`The CN value jkirk will be used as the username. The process for deciding which authentication backend to","rect":[71.64099884033203,303.63232421875,539.5488949194579,294.5663757324219]},{"page":37,"text":"`use depends on whether or not an Active Directory (AD) LDAP confguration is present in CoreConfg.xml.","rect":[72.0,316.02569580078127,541.4849296740523,306.07305908203127]},{"page":37,"text":"V` alid service account credentials must be confgured in CoreConfg.. If AD authentication is confgured, the","rect":[71.6209945678711,327.5423278808594,539.5391269524391,318.3667907714844]},{"page":37,"text":"`user account is matched by the sAMAccountName LDAP attribute. At client authentication time, if groups","rect":[72.0,339.4983215332031,539.5426468723141,330.3227844238281]},{"page":37,"text":"a` re found in AD for the user, those groups are used by TAK Server. If no groups are found, the fat-fle","rect":[72.0,351.4533386230469,539.5771697095605,342.2778015136719]},{"page":37,"text":"a` uthentication backend is searched for a match on the username. If no groups are found for the user in either","rect":[72.0,363.4083251953125,539.752283501289,354.3423767089844]},{"page":37,"text":"r` epository, the user is assigned to the __ANON__ group.","rect":[72.0,375.3633117675781,328.98528710460666,366.1877746582031]},{"page":37,"text":"W ` hen confguring the input, a TLS input with an auth type of x509 directs TAK Server to use the client","rect":[71.49199676513672,393.2962951660156,539.8110845378592,384.1207580566406]},{"page":37,"text":"`certifcate for both authentication and group assignment. On the input confguration, the on or example, this","rect":[72.0,405.2513122558594,539.5177795998243,396.18536376953127]},{"page":37,"text":"`input defnition specifes streaming TCP encrypted with TLS, authenticating the user with a client certifcate","rect":[72.0,417.2063293457031,539.4787253176002,408.140380859375]},{"page":37,"text":"a` nd also requiring an authentication message, and using the LDAP authentication backend:","rect":[72.0,429.1613464355469,472.19747582530979,419.9858093261719]},{"page":37,"text":"<input","rect":[82.46099853515625,447.25372314453127,113.84318835735322,439.0246276855469]},{"page":37,"text":"_name=\"ldapssl\"","rect":[119.07355499267578,447.25372314453127,197.52904040813446,438.8552551269531]},{"page":37,"text":"protocol=\"tls\"","rect":[202.7593994140625,447.25372314453127,275.9845152616501,438.8552551269531]},{"page":37,"text":"port=\"8091\"","rect":[281.21490478515627,447.25372314453127,338.7489195585251,438.8552551269531]},{"page":37,"text":"auth=\"x509\"/>","rect":[343.97930908203127,445.8689270019531,411.9740782499313,438.1379699707031]},{"page":37,"text":"`9.7 Authentication Backends","rect":[72.0,479.04949951171877,249.65426220703126,470.5493469238281]},{"page":37,"text":"9` .7.1 File-Based","rect":[72.0,497.4066467285156,159.46166842842104,490.3929748535156]},{"page":37,"text":"T` here is now a fat-fle option available to inputs. Previously the only valid value for the <input> “auth” at-","rect":[71.64099884033203,517.7293701171875,541.1874781402721,508.67340087890627]},{"page":37,"text":"`tribute was “ldap”. “fle” is now another valid value. The example confguration fle (CoreConfg.example.xml)","rect":[72.0,530.1326904296875,540.7187820316599,520.1800537109375]},{"page":37,"text":"`contains an example of how to confgure the File-based backend.","rect":[72.0,541.6493530273438,353.1943325147629,532.5833740234375]},{"page":37,"text":"`A utility for creating and maintaining that fat fle is included in the release. Run","rect":[71.62100219726563,559.5823364257813,428.0130075120926,550.40673828125]},{"page":37,"text":"s` udo java -jar /opt/tak/utils/UserManager.jar","rect":[72.0,577.7434692382813,307.3663511991501,568.5579223632813]},{"page":37,"text":"`and look at the various options for the ‘ofineFileAuth’","rect":[72.0,601.3057861328125,313.6528286085129,592.249755859375]},{"page":37,"text":"`9.7.2 Active Directory (AD) / LDAP","rect":[72.0,627.7587280273438,266.16110877799988,617.8060913085938]},{"page":37,"text":"T` AK Server can be confgured to use an Active Directory or LDAP server to authenticate users, and assign","rect":[71.64099884033203,645.7103271484375,539.5631674304576,636.5347290039063]},{"page":37,"text":"g` roups. LDAP confguration for TAK Server varies depending on the confguration of the AD or LDAP","rect":[72.0,657.6653442382813,539.6178227322661,648.48974609375]},{"page":37,"text":"s` erver. Here is an example. Note that it contains credentials for a service account. This is required for group","rect":[72.0,669.620361328125,539.5179623110627,660.5543823242188]},{"page":37,"text":"`membership lookup using a client cert:","rect":[72.0,681.5753784179688,241.07529870128634,672.6189575195313]},{"page":37,"text":"<auth>","rect":[72.0,697.5158081054688,103.38218982219697,691.3788452148438]},{"page":37,"text":"36","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":38,"text":"<ldap url=\"ldap://a.b.com/ou=MyUserOU,DC=a,DC=b,DC=com\"","rect":[82.46099853515625,84.2244644165039,370.1311522245407,75.04890441894531]},{"page":38,"text":"userstring=\"{username}@MYDOMAIN\"","rect":[102.38600158691406,96.18943786621094,269.75767810344697,87.00392150878906]},{"page":38,"text":"updateinterval=\"60000\"","rect":[274.9880676269531,96.11970520019531,390.0561094999313,87.72122955322266]},{"page":38,"text":"style=\"AD\"","rect":[400.516845703125,96.17948150634766,452.8205137968063,87.71126556396485]},{"page":38,"text":"serviceAccountDN=\"mysearchuser@MYDOMAIN\"","rect":[102.38600158691406,108.1344985961914,311.60057361125947,99.6662826538086]},{"page":38,"text":"serviceAccountCredential=\"password\"","rect":[316.8309631347656,108.07472229003906,499.8937254667282,99.6662826538086]},{"page":38,"text":"</auth>","rect":[72.0,118.64493560791016,108.61255176067353,110.91395568847656]},{"page":38,"text":"9` .7.3 Confguring LDAP Through Web Interface","rect":[72.0,151.69351196289063,322.76860061740879,142.7271728515625]},{"page":38,"text":"/>","rect":[505.1241149902344,106.6899185180664,515.5848570585251,98.95893859863281]},{"page":38,"text":"`The LDAP confguration can be changed through an easy to use web page. To access this go to Confguration","rect":[71.64099884033203,360.8393249511719,539.6469295962189,351.6637878417969]},{"page":38,"text":"> Manage Security and Authentication. Under the Authentication heading will be the current LDAP","rect":[71.22299194335938,372.7943115234375,539.5421391385161,363.6187744140625]},{"page":38,"text":"`confguration (the values will be empty if LDAP is not confgured yet). Click on “Edit Authentication” to be","rect":[72.0,385.18768310546877,539.5258122291604,375.23504638671877]},{"page":38,"text":"d` irected to a form to enter desired LDAP settings. Note: Changes made here will only take efect aftera","rect":[72.0,396.704345703125,539.5569999984493,387.52880859375]},{"page":38,"text":"`server restart.","rect":[72.0,406.7166748046875,132.46302453136446,400.49005126953127]},{"page":38,"text":"9` .8 Confguring Messaging and Repository Settings through Web UI","rect":[72.0,436.8970947265625,484.92060583496098,426.13739013671877]},{"page":38,"text":"`Messaging/Repository settings confguration can be done through the input defnitions page. To get there go","rect":[72.0,715.3217163085938,539.5745214213166,705.3690795898438]},{"page":38,"text":"37","rect":[301.0190124511719,750.0972290039063,310.981605052948,743.1532592773438]},{"page":39,"text":"`to Confguration > Input Defnitions in the menu bar. This page displays the current input defnitions at the","rect":[72.0,84.00528717041016,539.5177878176002,74.93931579589844]},{"page":39,"text":"`top and at the bottom the current confguration of Messaging and Repository settings are displayed. To edit","rect":[72.0,95.9603042602539,539.8281160881256,86.89433288574219]},{"page":39,"text":"t` hese setting click “Edit Confguration”. Note: Changes made here will only take efect after a server restart.","rect":[72.0,107.91532135009766,541.2447610368909,98.84934997558594]},{"page":39,"text":"`9.9 Optionally Disabling UI and WebTAK on HTTPS Ports","rect":[72.0,136.1520233154297,434.4337879638672,125.39234924316406]},{"page":39,"text":"`TAK Server can be confgured to optionally disable the Admin UI, non-admin UI or WebTAK on any HTTPS","rect":[71.64099884033203,154.19338989257813,539.6371639712189,145.01783752441407]},{"page":39,"text":"`connector (port). These options can be used to fne-tune the security profle for each HTTPS connector. For","rect":[72.0,166.58663940429688,539.7497375974753,156.63400268554688]},{"page":39,"text":"e` xample, the admin web interface can be moved to an alternate port that is protected by a frewall from","rect":[72.0,178.0933380126953,539.556863364604,169.03733825683595]},{"page":39,"text":"a` ccess on the public Internet.","rect":[72.0,189.93870544433595,199.85003319835665,181.1018829345703]},{"page":39,"text":"I` n the CoreConfg.xml, the enableAdminUI, enableWebtak, and enableNonAdminUI attributes on each","rect":[72.0,207.99136352539063,539.587276345935,198.81581115722657]},{"page":39,"text":"<connector> can be used to optionally disable access to any of these three functions for a given HTTPS","rect":[70.44599914550781,219.94631958007813,539.5678671662475,210.88035583496095]},{"page":39,"text":"c` onnector port. The default value for each of these attributes is true, so by default these functions are","rect":[72.0,231.8914337158203,539.5061247876855,222.83543395996095]},{"page":39,"text":"a` vailable.","rect":[72.0,241.9136505126953,112.35848656749725,234.8999786376953]},{"page":39,"text":"`Usage Examples: Disable webtak on port 8443:","rect":[72.0,261.7893371582031,278.19585839366916,252.8329620361328]},{"page":39,"text":"<` connector","rect":[72.0,278.0,124.30365283489228,272.1407775878906]},{"page":39,"text":"port=\"8443\"","rect":[129.53402709960938,279.8817138671875,187.06802661418915,271.4732971191406]},{"page":39,"text":"_name=\"https\"","rect":[192.2983856201172,279.8817138671875,260.29312427043916,271.4832458496094]},{"page":39,"text":"enableWebtak=\"false\"","rect":[265.52349853515627,277.7497253417969,370.1308165311813,271.4832458496094]},{"page":39,"text":"/>","rect":[375.3612060546875,278.4969177246094,385.8219481229782,270.7659606933594]},{"page":39,"text":"O` n port 8452, disable admin UI, but enable WebTAK and non-admin UI:","rect":[72.0,303.5127868652344,393.6823696241379,294.456787109375]},{"page":39,"text":"<` connector","rect":[72.0,320.0,124.30365283489228,313.9837951660156]},{"page":39,"text":"port=\"8452\"","rect":[129.53402709960938,321.7247314453125,187.06802661418915,313.3163146972656]},{"page":39,"text":"_name=\"https\"","rect":[192.2983856201172,321.7247314453125,260.29312427043916,313.3262634277344]},{"page":39,"text":"enableAdminUI=\"false\"","rect":[265.52349853515627,319.6226501464844,375.3611632108688,313.3163146972656]},{"page":39,"text":"/>","rect":[380.591552734375,320.3399353027344,391.0522948026657,312.6089782714844]},{"page":39,"text":"D` isable WebTAK on OAuth port 8446:","rect":[72.0,345.3558044433594,242.8386196241379,336.2998046875]},{"page":39,"text":"<` connector","rect":[72.0,362.0,124.30365283489228,355.8267822265625]},{"page":39,"text":"port=\"8446\"","rect":[129.53402709960938,363.5677185058594,187.06802661418915,355.1593017578125]},{"page":39,"text":"clientAuth=\"false\"","rect":[192.2983856201172,361.4158020019531,286.4449644804001,355.1593017578125]},{"page":39,"text":"_name=\"cert_https\"","rect":[291.67535400390627,363.5677185058594,385.8219481229782,355.16925048828127]},{"page":39,"text":"enableWebtak=\"false\"/>","rect":[391.0523376464844,362.18292236328127,506.1204100370407,354.45196533203127]},{"page":39,"text":"9` .10 VBM Admin Confguration","rect":[72.0,397.623046875,271.13780212402346,386.86334228515627]},{"page":39,"text":"TAK Server can allow for additional fltering of cot messages recieved from inputs (server ports) and data","rect":[71.64099884033203,416.1016845703125,539.5388307401627,406.1490478515625]},{"page":39,"text":"f` eeds by using the VBM Confguration page in the Admin UI. To navigate there, go to Administative > VBM","rect":[72.0,427.61834716796877,539.605641272311,418.44281005859377]},{"page":39,"text":"`Confguration as shown below.","rect":[72.0,439.5733337402344,205.15015832042696,430.50738525390627]},{"page":39,"text":"38","rect":[301.01898193359377,750.09716796875,310.9815745353699,743.2528686523438]},{"page":40,"text":"`You will then see the following options.","rect":[71.6209945678711,552.474365234375,243.1370815382004,543.4083862304688]},{"page":40,"text":"39","rect":[301.0190124511719,750.0972290039063,310.981605052948,743.2529296875]},{"page":41,"text":"T` o modify the VBM confgurations select the checkbox next to the desired option and when you’re fnished","rect":[71.64099884033203,84.00528717041016,539.5443435747908,74.93931579589844]},{"page":41,"text":"c` lick “Save changes”.","rect":[72.0,95.9603042602539,161.90249291515353,86.89433288574219]},{"page":41,"text":"NOTE: “Disable SA Sharing” and “Disable Chat Sharing” will only be used if “Enable VBM” is selected.","rect":[71.44000244140625,113.8833236694336,530.177705915451,104.71772766113281]},{"page":41,"text":"T` he VBM options have the following impact:","rect":[71.64099884033203,131.82528686523438,268.701198969841,122.75932312011719]},{"page":41,"text":"I` f “Enable VBM” is selected, messages recieved on a data feed are only brokered to clients which are subscribed","rect":[72.0,149.75827026367188,539.5471981509064,140.6923065185547]},{"page":41,"text":"`to the mission if the message falls within the bounding box specifed by the mission. For example, the message","rect":[72.0,161.71334838867188,539.5276755129127,152.6473846435547]},{"page":41,"text":"r` epresented by the blue dot would be passed on while the message represented by the green dot would be","rect":[72.0,173.66830444335938,539.5452192530954,164.71192932128907]},{"page":41,"text":"`fltered out for the mission with the displayed bounding box only if “Enable VBM” is turned on.","rect":[72.0,185.62429809570313,493.62713280773166,176.55833435058595]},{"page":41,"text":"The second two options are only activated if “Enable VBM” is on and they refer to messages recieved from","rect":[71.64099884033203,529.182373046875,539.583634086573,520.1163940429688]},{"page":41,"text":"i` nputs (server ports). These options flter messages based on whether they are chat messages. Chat messages","rect":[72.0,541.5767211914063,539.5471375099805,531.6240844726563]},{"page":41,"text":"i` n this context are cot messages which have a type set to “b-t-f”.","rect":[72.0,553.0933837890625,353.7523159132004,544.0274047851563]},{"page":41,"text":"`If “Disable SA Sharing” is selected, messages recieved from inputs are passed on if the message is a chat","rect":[72.0,571.025390625,539.8414190105154,561.8497924804688]},{"page":41,"text":"m` essage as defned above.","rect":[72.0,582.9813232421875,184.43789330577853,573.9153442382813]},{"page":41,"text":"`If “Disable Chat Sharing” is selected, messages recieved from inputs are passed on if the messages is NOT a","rect":[72.0,600.913330078125,539.5740040157442,591.8473510742188]},{"page":41,"text":"c` hat message as defned above.","rect":[72.0,612.8693237304688,206.27590600109103,603.8033447265625]},{"page":41,"text":"T` hese options are not mutually exclusive. Therefore, having both selected will flter out all messages recieved","rect":[71.64099884033203,630.8013916015625,539.5006283266877,621.7354125976563]},{"page":41,"text":"`on inputs.","rect":[72.0,642.6367797851563,115.72584954357147,634.1685791015625]},{"page":41,"text":"10 WebTAK","rect":[72.0,673.81787109375,170.60143211364747,663.61767578125]},{"page":41,"text":"The WebTAK front-end application is bundled with TAK Server. The WebTAK back-end WebSockets","rect":[71.64099884033203,697.40380859375,539.5739599440906,688.3477783203125]},{"page":41,"text":"`networking channel and APIs are provided by TAK Server. WebTAK must be accessed using https.","rect":[72.0,709.4783935546875,507.514919672966,700.3027954101563]},{"page":41,"text":"40","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.143310546875]},{"page":42,"text":"`WebTAK can be accessed either with X.509 client certifcates (default https port 8443), or by username-","rect":[71.49199676513672,84.44364166259766,541.2031714716235,74.49100494384766]},{"page":42,"text":"`password access using OAuth (https port 8446).","rect":[72.0,96.3986587524414,281.4138149366379,86.4460220336914]},{"page":42,"text":"`In either case, TAK Server must be confgured with a server certifcate and truststore (see Appendix B).","rect":[72.0,114.3316421508789,528.0379604444504,104.3790054321289]},{"page":42,"text":"I` n the Admin UI menu, use Situation Awareness -> WebTAK t` o access WebTAK.","rect":[72.0,130.62977600097657,452.95684472179416,122.64973449707031]},{"page":42,"text":"11 Device Profles","rect":[72.0,162.8007354736328,209.70917213726043,152.68666076660157]},{"page":42,"text":"`TAK Server can now assist in provisioning ATAK devices through Device Profles. The Device Profle Manager","rect":[71.64099884033203,186.59231567382813,539.754480766914,177.41676330566407]},{"page":42,"text":"(under Administrative Menu, Device Profles) allows administrators to build profles that can be applied to","rect":[70.83399963378906,198.98562622070313,539.4916052094351,189.03298950195313]},{"page":42,"text":"`clients when enrolling for certifcates, and when connecting to TAK server. The Profle consists of a sets","rect":[72.0,210.50234985351563,539.5265966628406,201.32679748535157]},{"page":42,"text":"`of fles, which can include settings and data in any fle format that is supported by TAK Mission Packages.","rect":[72.0,222.45730590820313,541.4747801128611,213.28175354003907]},{"page":42,"text":"`Profles can be made public or restricted to individual Groups.","rect":[72.0,234.2927703857422,345.63274804210666,225.3463592529297]},{"page":42,"text":"W ` hen an ATAK device enrolls for client certifcate, or optionally after connecting to TAK server, TAK server","rect":[71.49199676513672,252.34530639648438,539.7226814505077,243.1697540283203]},{"page":42,"text":"w` ill return all profles that need to be applied to the device. The TAK server administrator can also pusha","rect":[71.64099884033203,264.1807861328125,539.5343963312212,255.12477111816407]},{"page":42,"text":"`profle to a connected user by clicking the Send link within the Device Profle Manager.","rect":[72.0,276.2563171386719,453.9361843214035,267.19036865234377]},{"page":42,"text":"12 Federation","rect":[72.0,307.230712890625,178.93657457828523,297.2027282714844]},{"page":42,"text":"12.1 Overview","rect":[72.0,331.1044921875,164.42564013671876,322.6282653808594]},{"page":42,"text":"`Federation will allow subsets of ATAK users who are connected to diferent servers to work together, even","rect":[72.0,351.4043273925781,539.5495730751019,342.2287902832031]},{"page":42,"text":"t` hough each TAK server instance (hereafter refered to as ‘federates’) may be run by independent organizations","rect":[72.0,363.7976989746094,539.5177795998243,353.8450622558594]},{"page":42,"text":"/` administrative domains. It brings some of the following benefts/restrictions:","rect":[71.00399780273438,375.752685546875,414.02621117687229,365.800048828125]},{"page":42,"text":"1.","rect":[84.177001953125,391.20501708984377,91.91794243907929,384.5699157714844]},{"page":42,"text":"2.","rect":[84.17699432373047,415.114990234375,91.91793480968475,408.4798889160156]},{"page":42,"text":"3.","rect":[84.177001953125,439.2352294921875,91.91794243907929,432.3908996582031]},{"page":42,"text":"Each administrative domain does not need to share anything about their internal structure","rect":[96.9070053100586,393.247314453125,539.5774138501855,384.29095458984377]},{"page":42,"text":"(e.g. LDAP/Active Directory information / users) with the other administrative domain.","rect":[95.74099731445313,405.64068603515627,483.6546901807785,395.68804931640627]},{"page":42,"text":"Each administrative domain has control over what data they share with the other domain, but has no","rect":[96.9070053100586,417.14739990234377,539.5927695876637,408.20098876953127]},{"page":42,"text":"control over what the other administrative domain does with data that is shared.","rect":[96.9070053100586,427.1696472167969,451.4160122022629,420.1559753417969]},{"page":42,"text":"It requires no reconfguration of ATAKs connected to either TAK Server, and the mechanism for","rect":[96.9070053100586,441.0683288574219,539.8011648190999,431.8927917480469]},{"page":42,"text":"connecting the TAK Servers does not allow direct connections of ATAK devices from the other","rect":[96.9070053100586,453.0233154296875,539.8010427487874,443.8477783203125]},{"page":42,"text":"administrative domain.","rect":[96.9070053100586,463.03564453125,197.60897484874728,456.02197265625]},{"page":42,"text":"12.2 Enable Federation","rect":[72.00000762939453,490.8837890625,216.2036590576172,482.527099609375]},{"page":42,"text":"The frst step is to enable federation on your TAK server. To do this, frst go the Confguration > Manage","rect":[71.64099884033203,511.2563171386719,539.5809482530051,502.0807800292969]},{"page":42,"text":"F` ederates page. If federation is not yet enabled, click on the Edit Confguration button. This is also where","rect":[72.0,523.2113647460938,539.5194858506613,514.1453857421875]},{"page":42,"text":"y` ou can pick the ports for each federation protocol.","rect":[71.74099731445313,535.1563720703125,295.5706752882004,526.1004028320313]},{"page":42,"text":"41","rect":[301.01898193359377,749.8880004882813,310.9815745353699,743.143310546875]},{"page":43,"text":"D` o not forget to restart the server after changing the federation confguration in order for the changes to take","rect":[72.0,336.8623352050781,539.5372580324439,327.79638671875]},{"page":43,"text":"efect!","rect":[72.0,346.8746337890625,97.70351067638397,339.64178466796877]},{"page":43,"text":"12.3 Upload Federate Certifcate","rect":[72.0,376.9713439941406,272.6082679443359,366.29534912109377]},{"page":43,"text":"I` n order for the federate servers to trust each other and their ATAK clients, they must share each others","rect":[72.0,395.08538818359377,539.5162817214343,385.9197998046875]},{"page":43,"text":"`certifcate authorities (CAs) in order to create a separate federate trust-store. One of the key components","rect":[72.0,407.4886779785156,539.5037773341857,397.5360412597656]},{"page":43,"text":"`to how TAK Server satisfes all the restrictions is that we use one trust-store for local users, and one for","rect":[72.0,417.1722412109375,539.7295705808186,409.8298034667969]},{"page":43,"text":"`Federates. The trust-store contains all the valid CAs that you will allow client certifcates from. By having","rect":[72.0,430.9603271484375,539.5015162549066,421.7847900390625]},{"page":43,"text":"`separate trust-stores, we can have the Federation channels allow connections with certifcates from “outside”","rect":[72.0,442.7967834472656,541.4086831711558,433.8503723144531]},{"page":43,"text":"`CAs, while not allowing ATAKs with certs from those “outside” CAs to make direct connections to our server.","rect":[72.0,454.8713073730469,541.5096231631974,445.6957702636719]},{"page":43,"text":"`Generally, we share the public CA, which you can fnd at /opt/tak/cert/fles/ca.pem, via some third channel","rect":[72.0,624.8187255859375,539.555107377175,614.8660888671875]},{"page":43,"text":"`such as email or a USB drive. Once you have traded CAs, go the the Manage Federate Certifate Authorities","rect":[72.0,636.3353271484375,539.5805156867026,627.1597290039063]},{"page":43,"text":"`page and upload the CA of the federate you want to connect to.","rect":[72.0,648.2913818359375,352.1383022413254,639.1157836914063]},{"page":43,"text":"12.4 Make the Connection","rect":[72.0,674.2684936523438,235.8938446044922,665.792236328125]},{"page":43,"text":"`Now that we have enabled federation and shared our CA with the other TAK server authority, we are","rect":[72.0,694.558349609375,539.5974944165918,685.3927612304688]},{"page":43,"text":"r` eady to make the connection and start sharing. For this step, only ONE of the servers creates an outgoing","rect":[72.0,706.5233764648438,539.5524767754008,697.4573974609375]},{"page":43,"text":"c` onnection to the other. If you are starting the connection, go back to the Manage Federates page where you","rect":[72.0,718.4783935546875,539.5763729555939,709.4124145507813]},{"page":43,"text":"42","rect":[301.0190124511719,749.8880004882813,310.981605052948,743.143310546875]},{"page":44,"text":"`enabled federation from step 1. You will now see three sections, Active Connections, Outgoing Connection","rect":[72.0,84.00528717041016,539.5470123363679,74.82972717285156]},{"page":44,"text":"C` onfguration, and Federate Confguration. To create an outgoing connection, click on the corresponding link,","rect":[72.0,95.9603042602539,540.9334512881974,86.89433288574219]},{"page":44,"text":"a` nd enter in the address and port of the destination server. You can also pick the protocol version (make","rect":[72.0,108.35367584228516,539.5366423658105,98.40103912353516]},{"page":44,"text":"`sure it is the right protocol for the port you are connecting to!), reconnection interval (how long between","rect":[72.0,120.3086929321289,539.5060385529663,110.3560562133789]},{"page":44,"text":"`retries if the connection is lost), and whether or not the connection will be enabled on creation.","rect":[72.0,132.26364135742188,488.62591210460666,122.3110122680664]},{"page":44,"text":"`Now that you have created and started a connection, you will notice that no information is yet fowing","rect":[72.0,429.8883361816406,539.5771416000118,420.8223876953125]},{"page":44,"text":"b` etween federates. This is because you and your fellow federate must specify which fltering groups you","rect":[72.0,441.84332275390627,539.5366171662475,432.7773742675781]},{"page":44,"text":"`will allow to fow out of and into your server. To manage this, click on the Manage Groups link in the","rect":[71.64099884033203,453.7983093261719,539.5840056470605,444.73236083984377]},{"page":44,"text":"`corresponding row of the Federate Confguration section. Here you can specify the groups, including the","rect":[72.0,465.7533264160156,539.5467131665918,456.6873779296875]},{"page":44,"text":"`special __ANON__ group if you want. Once both servers have confgured the groups, trafc will start to","rect":[72.0,477.7083435058594,539.5938294870159,468.5328063964844]},{"page":44,"text":"`fow. A server restart is not necessary for these changes to take efect.","rect":[72.0,489.663330078125,377.21416894054416,480.48779296875]},{"page":44,"text":"43","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.143310546875]},{"page":45,"text":"12.5 Federated Group Mapping","rect":[72.0,432.0550537109375,266.0806999511719,421.31927490234377]},{"page":45,"text":"T` he fow of trafc between","rect":[71.64099884033203,449.0,184.88606533840645,441.0293884277344]},{"page":45,"text":"M` apping section is on the","rect":[72.0,462.0503234863281,184.63713940811159,453.0939636230469]},{"page":45,"text":"Federates may be directed","rect":[187.92245483398438,450.08538818359377,299.40037808254706,441.13897705078127]},{"page":45,"text":"Federate Groups page.","rect":[187.95468139648438,462.0503234863281,286.14605370616916,452.984375]},{"page":45,"text":"using","rect":[302.436767578125,450.0953369140625,324.70696083986857,441.507568359375]},{"page":45,"text":"end-to-end","rect":[327.74334716796877,449.0,373.26002774075018,441.13897705078127]},{"page":45,"text":"group","rect":[376.2964172363281,450.0953369140625,400.7145260317658,443.0]},{"page":45,"text":"mapping.","rect":[403.75091552734377,450.0953369140625,443.3119913272598,441.507568359375]},{"page":45,"text":"The","rect":[447.64691162109377,449.0,464.4496115480689,441.13897705078127]},{"page":45,"text":"Federated","rect":[467.48602294921877,449.0,509.3512447817658,441.13897705078127]},{"page":45,"text":"Group","rect":[512.3876342773438,449.9757995605469,539.5785702212189,441.0293884277344]},{"page":45,"text":"`Groups are exchanged during active connections between Federates. The remote groups will appear in the","rect":[72.0,479.98333740234377,539.5413586603985,470.9173889160156]},{"page":45,"text":"‘Remote Group List’ drop down in the Federated Group Mapping section. Connected Federates must have","rect":[70.61499786376953,491.9383239746094,539.5501511458718,482.87237548828127]},{"page":45,"text":"`Federated Group Mapping enabled in order for the Federates to exchange their respective remote groups.","rect":[72.0,503.8943176269531,541.4571668663284,494.828369140625]},{"page":45,"text":"T` his parameter is in the Federation Confguration section in the Confguration > Manage Federates page.","rect":[71.64099884033203,515.849365234375,533.7559780225754,506.78338623046877]},{"page":45,"text":"To confgure the end-to-end mapping, select a remote group and map it to a local Federate group. Remote","rect":[71.64099884033203,533.7813720703125,539.6109775498801,524.7153930664063]},{"page":45,"text":"`groups may also be entered directly in the ‘Remote Group’ feld. A single remote group can be mapped","rect":[72.0,545.7373657226563,539.5773276154663,536.561767578125]},{"page":45,"text":"t` o many local groups. Additionally, multiple end-to-end group mappings may be defned. With a group","rect":[72.0,557.6923828125,539.5670737092163,548.5167846679688]},{"page":45,"text":"`mapping confgured, trafc from the remote group will only fow to the mapped local group(s). Note: if no","rect":[72.0,570.085693359375,539.5943034334276,560.133056640625]},{"page":45,"text":"i` ncoming trafc matches the remote groups confgured, the federation trafc will fall back to the Federate","rect":[72.0,581.6023559570313,539.5401601810733,572.536376953125]},{"page":45,"text":"`Group scheme described previously.","rect":[72.0,593.54736328125,227.39663354015353,584.4913940429688]},{"page":45,"text":"44","rect":[301.01898193359377,749.8880004882813,310.9815745353699,743.143310546875]},{"page":46,"text":"12.6 Mission Federation Disruption Tolerance","rect":[72.0,467.8253479003906,349.3367530517578,457.2210998535156]},{"page":46,"text":"Trafc between federated servers may be disrupted, and updates to missions could happen during that","rect":[71.64099884033203,485.9493408203125,539.8177373698904,476.8833923339844]},{"page":46,"text":"d` isruption. Mission federation disruption tolerance will update each server with changes to federated missions","rect":[72.0,497.9043273925781,539.4884827248243,488.83837890625]},{"page":46,"text":"t` hat occured during the disruption. To enable this feature, check the box in the Federation Confguration","rect":[72.0,509.8593444824219,539.5089819583672,500.79339599609377]},{"page":46,"text":"page:","rect":[72.0,521.8153686523438,94.67487755870819,515.2599487304688]},{"page":46,"text":"45","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.143310546875]},{"page":47,"text":"S` ending all the changes that occured between disruptions could potentially take a lot of bandwidth, so by","rect":[72.0,336.4223327636719,539.8839759871107,327.35638427734377]},{"page":47,"text":"d` efault, we limit the changes to those that occured within the last 2 days. For example, if a disruption lasted","rect":[72.0,348.3773193359375,539.5080746157502,339.3113708496094]},{"page":47,"text":"3 weeks, we would only send the changes from the previous 2 days. However, if the disruption only lasteda","rect":[71.7509994506836,360.3323059082031,539.5518664238383,351.266357421875]},{"page":47,"text":"f` ew hours, only the changes since the last disruption would be sent. If the Unlimited checkbox is checked,","rect":[72.0,372.2873229980469,540.8851932300509,363.22137451171877]},{"page":47,"text":"t` hen all changes since the last disruption would be sent. The 2 day limit can be changed to any length with","rect":[72.0,384.2423400878906,539.5400625420407,375.2859802246094]},{"page":47,"text":"t` he Send Changes Newer Than setting, and the period can be selected as days, hours, or seconds.","rect":[72.0,396.19732666015627,497.51250878429416,387.1313781738281]},{"page":47,"text":"`It is also possible to override the global setting for a particular mission, if so desired.","rect":[72.0,414.1303405761719,441.7120632276535,405.06439208984377]},{"page":47,"text":"`For example, in the above image, we see that mission_2 will send updates up to over the last 10 days,","rect":[72.0,572.599365234375,540.9692518272659,563.6429443359375]},{"page":47,"text":"`mission_2 only over the last 12 hours, and mission_4 will send all updates since the last disruption. Any","rect":[72.0,584.5443725585938,539.9105921113863,575.3787841796875]},{"page":47,"text":"`mission that is not listed, and any subsequently added mission, will follow the global setting of 2 days, as set","rect":[72.0,596.5103759765625,539.7871818548484,587.4443969726563]},{"page":47,"text":"`above.","rect":[72.0,606.5225830078125,99.64621392345429,599.5089111328125]},{"page":47,"text":"46","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.143310546875]},{"page":48,"text":"T` he Clear Federation Events button will reset the disruption history for federation. This means that on the","rect":[71.64099884033203,523.726318359375,539.4941762713477,514.6703491210938]},{"page":48,"text":"`next reconnection, the server will send the max allowed mission changes according to the Mission Federation","rect":[72.0,535.69140625,539.5283355497967,526.7349853515625]},{"page":48,"text":"D` isruption Tolerance settings. In the above case, that would be 10 days for mission_2, 12 hours for mission_3,","rect":[72.0,547.6463623046875,540.9531656436661,538.5803833007813]},{"page":48,"text":"`and the entire change history for mission_4. For all other missions this would be 2 days worth of mission","rect":[72.0,559.6023559570313,539.5553186220334,550.536376953125]},{"page":48,"text":"`changes.","rect":[72.0,571.557373046875,108.2738308057785,562.6009521484375]},{"page":48,"text":"12.7 Data Package and Mission File Blocker","rect":[72.0,599.7940673828125,340.57361853027347,589.1060791015625]},{"page":48,"text":"`Data packages, mission packages, and missions can be federated between servers and their respective ATAK","rect":[72.0,617.8343505859375,539.9474556052281,608.6587524414063]},{"page":48,"text":"c` lients. These packages may contain confguration fles such as ATAK .pref fles that can result in the","rect":[72.0,629.7893676757813,539.567037873623,620.61376953125]},{"page":48,"text":"d` istribution of unwanted confguration changes to ATAK devices. A flter can be enabled to block fles by","rect":[72.0,641.745361328125,539.9243836586235,632.5697631835938]},{"page":48,"text":"f` le-type. To enable this feature, check the Data Package and Mission File Blocker box in the Federation","rect":[72.0,653.7003784179688,539.5162924592163,644.6343994140625]},{"page":48,"text":"`Confguration page. The default fle extension value is ‘pref’. This can be changed by entering a new fle","rect":[72.0,665.6553344726563,539.5466521314355,656.58935546875]},{"page":48,"text":"`type, clicking on the ‘Add’ button to add the entry, and clicking on the ‘Save’ buton at the bottom of the","rect":[72.0,677.6103515625,539.5098867435733,668.4347534179688]},{"page":48,"text":"`Federation Confguration page.","rect":[72.0,689.5653686523438,207.1227535352707,680.4993896484375]},{"page":48,"text":"47","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.143310546875]},{"page":49,"text":"12.8 Federation Example","rect":[72.0,240.9973602294922,227.02309338378908,230.39309692382813]},{"page":49,"text":"The fgure below shows a connectivity graph of two distinct administrative domains. Each administrative","rect":[71.64099884033203,259.1213073730469,539.5312422023142,250.0553436279297]},{"page":49,"text":"`domain has multiple sub-groups (e.g. “CN=Alpha”) utilizing the group-fltering. The color coding indicates","rect":[72.0,271.5146789550781,539.5365584105647,261.5620422363281]},{"page":49,"text":"`the CA that is used to sign the certifcate used for connections. Enclave 1’s CA signs ATAK client certs and","rect":[72.0,283.03131103515627,539.5511987058486,273.85577392578127]},{"page":49,"text":"a` server certifcate. Enclave 2’s CA also signs ATAK client certs and a server cert. The trust-store listing the","rect":[72.0,294.9873352050781,539.5080832277564,285.8117980957031]},{"page":49,"text":"a` llowed CAs for the “User Port” only contains a single CA (i.e. Enclave 1 CA for Enclave 1). To federate","rect":[72.0,307.38067626953127,539.5960005030954,297.42803955078127]},{"page":49,"text":"`the servers, Enclave 1 and Enclave 2 send each other the “public” CA cert. Those certifcates are put in a","rect":[72.0,318.77777099609377,539.5475216763264,309.7217712402344]},{"page":49,"text":"s` eparate trust store that is used only for federation connections. The “Fed. Port” is confgured with this","rect":[72.0,330.8523254394531,539.5162206862781,321.786376953125]},{"page":49,"text":"s` eparate trust-store. The server cert from each administrative domain can now be used to connect to the","rect":[72.0,342.6877746582031,539.5466521314355,333.7413635253906]},{"page":49,"text":"“Fed. Port” of the other domain.","rect":[70.58499908447266,352.81964111328127,214.68401757335665,345.6963806152344]},{"page":49,"text":"`12.8.1 Alternate Confguration","rect":[72.0,487.425537109375,233.21478122138979,478.4591979980469]},{"page":49,"text":"T` he frst example had each federate using the same CA and server certifcate for local and federate connections.","rect":[71.64099884033203,505.86431884765627,541.4728799991349,496.68878173828127]},{"page":49,"text":"I` f you are very paranoid, or don’t want to share anything about the crypto being used for local clients, you","rect":[72.0,517.8193359375,539.5450149615095,508.75335693359377]},{"page":49,"text":"c` an have a wholly separate CA+server certifcate chain that is used for federation. Figure 5 shows how this","rect":[72.0,529.7743530273438,539.550066143863,520.5987548828125]},{"page":49,"text":"`would work.","rect":[71.64099884033203,539.78759765625,124.48263207530975,532.77392578125]},{"page":49,"text":"`This adds some complexity, but can be used if you don’t want to expose your ‘internal’ CA to the organizations","rect":[71.64099884033203,666.4793701171875,539.5396301857618,657.3037719726563]},{"page":49,"text":"`that you are federating with.","rect":[72.0,678.434326171875,197.8375972852707,669.3683471679688]},{"page":49,"text":"48","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.143310546875]},{"page":50,"text":"13 Metrics","rect":[72.0,82.12075805664063,157.7902726011276,72.1214599609375]},{"page":50,"text":"`The TAK Server Metrics Dashboard is available in the Monitoring menu. The dashboard continuously renders","rect":[71.64099884033203,105.8252944946289,539.5396301857618,96.64973449707031]},{"page":50,"text":"`the following information:","rect":[72.0,117.7813491821289,184.53751793956759,108.71537780761719]},{"page":50,"text":"`Server Start Time and Server Up Time T` his tell you when the server was turned on and how long it","rect":[72.0,135.71334838867188,540.0229181013988,126.72708892822266]},{"page":50,"text":"`has been operating.","rect":[72.0,147.66934204101563,157.24001732921603,138.7129669189453]},{"page":50,"text":"C` lients Connected This tells you how many connections your client","rect":[72.0,165.5913848876953,369.0205398441599,156.61508178710938]},{"page":50,"text":"t` o the number of clients that are displayed in the client dashboard.","rect":[72.0,177.5463409423828,364.442165766716,168.49034118652345]},{"page":50,"text":"is","rect":[372.02764892578127,164.0,378.57884527365237,157.0135955810547]},{"page":50,"text":"currently","rect":[381.576171875,165.5913848876953,420.07307977942068,156.6449737548828]},{"page":50,"text":"servicing.","rect":[423.0704345703125,165.60134887695313,462.9634805850723,157.0135955810547]},{"page":50,"text":"This","rect":[467.27886962890627,164.0,486.2978699318555,156.6449737548828]},{"page":50,"text":"corresponds","rect":[489.29522705078127,165.48179626464845,539.5862610451368,156.6449737548828]},{"page":50,"text":"H` eap Usage T` AK server runs inside one or more Java Virtual Machines (JVM). Heap Commited is how","rect":[72.0,195.92770385742188,540.0015569807779,185.97506713867188]},{"page":50,"text":"`much heap memory in MB is allocated to the API process for TAK Server, and Heap Used is how much of","rect":[72.0,207.43434143066407,539.6295915392705,198.2687530517578]},{"page":50,"text":"t` hat is currently being used.","rect":[72.0,219.40036010742188,195.16762963390353,210.44398498535157]},{"page":50,"text":"`Network I/O and Reads/Writes `This tells you how much TCP and UDP trafc the server is currently","rect":[72.0,237.77066040039063,540.0803729916843,227.81802368164063]},{"page":50,"text":"h` andling, as well as a brief history.","rect":[72.0,249.28732299804688,223.71047631359103,240.2213592529297]},{"page":50,"text":"C` PU Usage How much of the CPU of the machine the server is running on is currently being used.","rect":[72.0,267.2203063964844,512.3812831983566,258.15435791015627]},{"page":50,"text":"14 Logging","rect":[72.0,481.48724365234377,159.6409335346222,468.7765197753906]},{"page":50,"text":"TAK Server provides several log fles to provide information about relevant events that happen during","rect":[71.64099884033203,502.4803161621094,539.5330742171993,493.3047790527344]},{"page":50,"text":"e` xecution. The log fles are located in the /opt/tak/logs directory. This table shows the name of the log fles,","rect":[72.0,514.8737182617188,540.9335733585099,504.9210510253906]},{"page":50,"text":"`and their function.","rect":[72.0,524.4486083984375,153.56380883312228,517.3253784179688]},{"page":50,"text":"Name of Log File","rect":[77.72299194335938,547.9793701171875,153.50849255752565,538.9133911132813]},{"page":50,"text":"t` akserver-messaging.log","rect":[77.72299194335938,564.9363403320313,179.95920515060426,555.9799194335938]},{"page":50,"text":"t` akserver-api.log","rect":[77.72299194335938,588.8463745117188,149.4238200187683,579.8899536132813]},{"page":50,"text":"t` akserver-messaging-","rect":[77.72299194335938,612.75732421875,167.79485589885713,603.8009033203125]},{"page":50,"text":"console.log","rect":[77.72299194335938,624.7123413085938,124.2284083366394,615.7559204101563]},{"page":50,"text":"`takserver-api-console.log","rect":[77.72299194335938,636.6673583984375,183.76491498947144,627.7109375]},{"page":50,"text":"Purpose","rect":[225.34878540039063,547.8598022460938,260.6860896034241,539.132568359375]},{"page":50,"text":"Execution-level information about the messaging process, including","rect":[225.28903198242188,564.9363403320313,518.7374033927918,555.870361328125]},{"page":50,"text":"c` lient connection events, error messages and warnings.","rect":[225.39500427246095,576.891357421875,462.1561245069504,567.9349365234375]},{"page":50,"text":"Execution-level information about the API process, including error","rect":[225.30894470214845,588.8463745117188,517.2131255273819,579.6707763671875]},{"page":50,"text":"`messages and warnings.","rect":[225.39500427246095,600.8013916015625,328.22896996593479,591.844970703125]},{"page":50,"text":"`Java Virtual Machine (JVM) informational messages and errors, for the","rect":[225.13600158691407,613.1956787109375,533.9464921728084,603.2430419921875]},{"page":50,"text":"`messaging process.","rect":[225.39500427246095,624.7123413085938,306.659939204216,616.1245727539063]},{"page":50,"text":"`Java Virtual Machine (JVM) informational messages and errors, for the","rect":[225.13600158691407,637.105712890625,533.9464921728084,627.153076171875]},{"page":50,"text":"A` PI process.","rect":[225.01699829101563,648.5028076171875,280.31939354991916,639.44677734375]},{"page":50,"text":"15 Group Filtering for Multicast Networks","rect":[72.0,689.09326171875,385.0627030210495,676.181640625]},{"page":50,"text":"The proxy attribute on the CoreConfg input element ( <input ... proxy=“true” ... /> ) was removed","rect":[71.64099884033203,710.5256958007813,539.5434531037475,700.5730590820313]},{"page":50,"text":"`in TAK Server 4.1. The intent of the proxy attribute was to control bridging of multicast networks and","rect":[72.0,722.0423583984375,539.5364340607788,712.8667602539063]},{"page":50,"text":"49","rect":[301.0190124511719,750.0972290039063,310.981605052948,743.143310546875]},{"page":51,"text":"`federating multicast data. As TAK Server’s group fltering capabilities have evolved, having a dedicated","rect":[72.0,84.00528717041016,539.5162924592163,74.82972717285156]},{"page":51,"text":"p` roxy attribute is no longer needed. Using fltergroup on the mcast input you can achieve greater control","rect":[72.0,95.9603042602539,539.5366346397659,86.89433288574219]},{"page":51,"text":"`over multicast trafc. The default behavior in TAK Server 4.1 and higher is to put multicast trafc in the","rect":[72.0,107.91532135009766,539.529331311644,98.73976135253906]},{"page":51,"text":"`__ANON__ group. You can use a fltergroup on the mcast input to put your mcast trafc into a dedicated","rect":[70.50599670410156,119.8703384399414,539.6338653349529,110.69477844238281]},{"page":51,"text":"m` ulticast group, for example:","rect":[72.0,131.82528686523438,200.10906640148165,122.75932312011719]},{"page":51,"text":"`<input","rect":[72.0,149.9176788330078,103.38218982219697,141.68856811523438]},{"page":51,"text":"auth=\"anonymous\"","rect":[108.61255645751953,149.97744750976563,192.29840381145477,141.5192108154297]},{"page":51,"text":"_name=\"","rect":[197.5287628173828,149.0,234.14131457805633,141.5192108154297]},{"page":51,"text":"SAproxy","rect":[239.37167358398438,149.97744750976563,275.98424060344697,141.50924682617188]},{"page":51,"text":"<filtergroup>__MCAST__</filtergroup>","rect":[82.46099853515625,161.94248962402345,270.7540770292282,152.75697326660157]},{"page":51,"text":"</input>","rect":[72.0,173.8277130126953,113.84292132854462,164.71192932128907]},{"page":51,"text":"\"","rect":[281.214599609375,144.44821166992188,286.4449644804001,141.5192108154297]},{"page":51,"text":"protocol=\"mcast\"","rect":[291.67535400390627,149.9176788330078,375.3612242460251,141.5192108154297]},{"page":51,"text":"port=\"6969\"","rect":[380.59161376953127,149.9176788330078,438.1256285429001,141.5192108154297]},{"page":51,"text":"group=\"239.2.3.1\">","rect":[443.35601806640627,149.98741149902345,537.5025816679001,141.5192108154297]},{"page":51,"text":"T` hen add the __MCAST__ group as a fltergroup on any other inputs you wanted to share multicast trafc","rect":[71.64099884033203,197.57931518554688,539.6273459230689,188.4037628173828]},{"page":51,"text":"w` ith. For example, to share multicast trafc with the tls/8089, confgure your input fltergroups as follows:","rect":[71.64099884033203,209.97268676757813,538.4185756788254,200.02005004882813]},{"page":51,"text":"`<input","rect":[72.0,227.62672424316407,103.38218982219697,219.39761352539063]},{"page":51,"text":"auth=\"anonymous\"","rect":[108.61255645751953,227.68649291992188,192.29840381145477,219.22825622558595]},{"page":51,"text":"_name=\"stdssl1\"","rect":[197.5287628173828,227.0,275.98424060344697,219.22825622558595]},{"page":51,"text":"<filtergroup>__ANON__</filtergroup>","rect":[82.46099853515625,239.65147399902345,265.5236998319626,230.46595764160157]},{"page":51,"text":"<filtergroup>__MCAST__</filtergroup>","rect":[82.46099853515625,251.6064910888672,270.7540770292282,242.4209747314453]},{"page":51,"text":"</input>","rect":[72.0,263.49169921875,113.84292132854462,254.3759307861328]},{"page":51,"text":"protocol=\"tls\"","rect":[281.2146301269531,227.62672424316407,354.4397459745407,219.22825622558595]},{"page":51,"text":"port=\"8089\"","rect":[359.6701354980469,227.62672424316407,417.2041502714157,219.22825622558595]},{"page":51,"text":"archive=\"true\">","rect":[422.4345397949219,225.4748077392578,500.8900328397751,219.22825622558595]},{"page":51,"text":"This same approach works for federations. You can __MCAST__ as an outboundGroup on any federates","rect":[71.64099884033203,287.2333679199219,539.6615082854289,278.0677795410156]},{"page":51,"text":"`that you wanted to share multicast trafc with. Using the fltergroup approach allows for creation of input","rect":[72.0,299.1983337402344,539.8244319057461,290.13238525390627]},{"page":51,"text":"`specifc multicast groups, allowing control of how messages from multicast networks are routed.","rect":[72.0,311.1533508300781,488.1477016553879,302.08740234375]},{"page":51,"text":"16 OAuth2 Authentication","rect":[72.0,342.21484375,270.63745653629305,332.01470947265627]},{"page":51,"text":"TAK Server provides OAuth2 Authorization and Resource server capabilities using the OAuth2 Password","rect":[71.64099884033203,365.9193420410156,539.548813217425,356.7438049316406]},{"page":51,"text":"`authentication fow. OAuth2 integration works with existing authentication back ends, allowing TAK Server","rect":[72.0,377.8753356933594,539.7218621038179,368.6997985839844]},{"page":51,"text":"t` o issue tokens backed by the File or LDAP authenticators. TAK Server issues JSON Web Tokens (JWT)","rect":[72.0,390.2686462402344,540.6993703407007,380.3160095214844]},{"page":51,"text":"s` igned by the server certifcate, allowing external systems to validate tokens against the server’s trust chain.","rect":[72.0,401.78533935546877,541.3956962756148,392.7193908691406]},{"page":51,"text":"`The OAuth2 token endpoint is available at https://<takserver>:8446/oauth/token.","rect":[71.64099884033203,414.1786804199219,435.973171626091,404.2260437011719]},{"page":51,"text":"17 User Management UI","rect":[72.0,447.51324462890627,257.08030218029026,434.8025207519531]},{"page":51,"text":"17.1 Overview","rect":[72.0,468.5885009765625,164.42564013671876,460.1122741699219]},{"page":51,"text":"`The User Management UI provides an intuitive drag-and-drop mechanisms for managing TAK user accounts.","rect":[71.64099884033203,488.8883361816406,541.5376905546891,479.7127990722656]},{"page":51,"text":"`The tool is integrated within TAK Server and can be accessed from the TAK main menu, under Administrative","rect":[71.64099884033203,500.84332275390627,539.5494650636939,491.66778564453127]},{"page":51,"text":"» Manage Users. Users need to have an admin role to access the tool. Currently the User Management","rect":[71.44200134277344,512.79931640625,539.8727910808279,503.7333679199219]},{"page":51,"text":"U` I supports only fle-based users and not LDAP/AD users. The tool allows TAK administrators to create,","rect":[72.0,525.1927490234375,540.9753208133716,515.2401123046875]},{"page":51,"text":"m` anage, inspect and delete TAK user accounts. More specifcally, the tool allows TAK administrators","rect":[72.0,536.7093505859375,539.5670019362781,527.5337524414063]},{"page":51,"text":"t` o: - View, flter and search for existing user accounts and groups. - View a list of users in each group.","rect":[72.0,548.6643676757813,541.5079481163284,539.598388671875]},{"page":51,"text":"`- Change password for each user account. - View and update groups (IN group, OUT group and both)","rect":[70.67499542236328,561.0577392578125,540.8231084636404,551.1051025390625]},{"page":51,"text":"`for each user account. - Delete user accounts. - Create a new user account with a specifed password and","rect":[72.0,572.4547729492188,539.5772055451538,563.5083618164063]},{"page":51,"text":"g` roups. Password complexity is checked to confrm compliance. - Create new user accounts in bulk with","rect":[72.0,584.5303955078125,539.5568808381225,575.4644165039063]},{"page":51,"text":"u` sername following a pattern. System uses password generation mechanism to create passwords that meet","rect":[72.0,596.4853515625,539.843108398614,587.4193725585938]},{"page":51,"text":"TAK password complexity requirements.","rect":[71.64099884033203,608.4303588867188,254.76771374132844,599.2647705078125]},{"page":51,"text":"System produces output fle with user/password combos asa","rect":[261.7590637207031,608.8787231445313,539.5739067367306,598.9260864257813]},{"page":51,"text":"`one-time downloadable item, after which system forgets the un-hashed passwords. - Create new groups.","rect":[72.0,620.3953857421875,524.3516811475754,611.3294067382813]},{"page":51,"text":"17.2 Usage","rect":[72.0,648.6320190429688,144.3409187011719,638.0396728515625]},{"page":51,"text":"The below fgure shows the main page of the User Management UI. The left panel lists all user accounts,","rect":[71.64099884033203,666.67333984375,540.9763319053909,657.6073608398438]},{"page":51,"text":"`which can be fltered using the Search box on the top. The right panel lists all existing groups, which can be","rect":[71.64099884033203,678.6283569335938,539.5323398315607,669.5623779296875]},{"page":51,"text":"f` ltered using the Search box on the top.","rect":[72.0,690.5833740234375,247.93951073741915,681.5173950195313]},{"page":51,"text":"50","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":52,"text":"T` o change user’s password, click on the arrow right next to the username and select “Change password”.","rect":[71.64099884033203,315.2723083496094,527.3801235303879,306.20635986328127]},{"page":52,"text":"`To view/edit groups for a user account, click on the arrow right next to the username and select “View/Edit","rect":[71.64099884033203,568.74072265625,539.8306589777205,558.7880859375]},{"page":52,"text":"`groups”. You can drag the groups from the right panel and drop to one of the three boxes in the middle","rect":[72.0,580.25732421875,539.597555451748,571.1913452148438]},{"page":52,"text":"p` anel. Click on “Reset” button to bring the UI back to showing the current groups of the user. Click on","rect":[72.0,592.2123413085938,539.5669516389038,583.1463623046875]},{"page":52,"text":"“Update” button to update the groups of the user.","rect":[70.58499908447266,604.1673583984375,291.93401757335666,595.1013793945313]},{"page":52,"text":"51","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":53,"text":"To delete an account, click on the arrow right next to the username and select “Delete User”. You will","rect":[71.64099884033203,320.7613220214844,525.8060916675509,311.8049621582031]},{"page":53,"text":"p` rompted to either confrm or cancel the action.","rect":[72.0,332.5968017578125,282.2208217725754,323.650390625]},{"page":53,"text":"T` o","rect":[71.64099884033203,583.0,82.98840284347534,575.2252807617188]},{"page":53,"text":"list","rect":[86.30594635009766,583.0,99.6159769859314,575.055908203125]},{"page":53,"text":"all","rect":[102.93352508544922,583.0,113.43410149669647,575.055908203125]},{"page":53,"text":"users","rect":[116.76161193847656,583.0,138.45019716453553,577.0]},{"page":53,"text":"in","rect":[141.77769470214845,583.0,150.06658112049105,575.424560546875]},{"page":53,"text":"a","rect":[153.38412475585938,583.0,158.36542463302613,577.0]},{"page":53,"text":"group,","rect":[161.68296813964845,584.0123291015625,189.35906640148165,577.0]},{"page":53,"text":"click","rect":[192.67662048339845,583.0,212.0240022287369,575.055908203125]},{"page":53,"text":"on","rect":[215.341552734375,583.0,225.85208832263948,577.0]},{"page":53,"text":"the","rect":[229.16961669921876,583.0,242.9877558631897,575.055908203125]},{"page":53,"text":"arrow","rect":[246.3052978515625,583.0,270.98263935661319,577.0]},{"page":53,"text":"right","rect":[274.3001708984375,584.0123291015625,295.0522562828064,575.055908203125]},{"page":53,"text":"next","rect":[298.36981201171877,583.0,317.4382426109314,575.8429565429688]},{"page":53,"text":"52","rect":[301.0190124511719,750.0972290039063,310.981605052948,743.2529296875]},{"page":53,"text":"to","rect":[320.7657470703125,583.0,329.6125559806824,575.8429565429688]},{"page":53,"text":"the","rect":[332.9300842285156,583.0,346.74819287490848,575.055908203125]},{"page":53,"text":"group","rect":[350.06573486328127,584.0123291015625,374.98218475818637,577.0]},{"page":53,"text":"name","rect":[378.2997131347656,583.0,401.53249463272098,577.0]},{"page":53,"text":"and","rect":[404.8600158691406,583.0,420.89978729724887,575.055908203125]},{"page":53,"text":"click","rect":[424.2173156738281,583.0,443.55473342990879,575.055908203125]},{"page":53,"text":"on","rect":[446.8722839355469,583.0,457.38281952381137,577.0]},{"page":53,"text":"“List","rect":[460.7103271484375,583.0,482.1897074546814,575.16552734375]},{"page":53,"text":"users”.","rect":[485.5072326660156,583.0,513.282986079216,577.0]},{"page":53,"text":"be","rect":[529.1359252929688,319.0,539.5517500148142,311.8049621582031]},{"page":54,"text":"T` o","rect":[71.64099884033203,367.0,82.98840284347534,359.934326171875]},{"page":54,"text":"`To","rect":[71.64099884033203,671.0,82.98840284347534,663.5233154296875]},{"page":54,"text":"create","rect":[86.30594635009766,367.0,112.31829175186158,360.552001953125]},{"page":54,"text":"create","rect":[86.30594635009766,671.0,112.31829175186158,664.1409912109375]},{"page":54,"text":"a new user, click on “Add User” on the menu bar.","rect":[115.6358413696289,367.0,333.71712914562229,359.5458068847656]},{"page":54,"text":"new users in bulk, click on “Add Users” on the menu","rect":[115.6358413696289,671.0,346.7781442308426,663.134765625]},{"page":54,"text":"53","rect":[301.0190124511719,750.0972290039063,310.981605052948,743.2529296875]},{"page":54,"text":"bar.","rect":[350.0956726074219,671.0,367.2612270460129,663.3539428710938]},{"page":55,"text":"18 Data Retention Tool","rect":[72.0,82.12075805664063,249.56291320037844,72.0066909790039]},{"page":55,"text":"I` nformation regarding the use of the Data Retention Tool is available on the tak.gov wiki:","rect":[72.0,105.8252944946289,464.79534569835666,96.75932312011719]},{"page":55,"text":"`https://wiki.tak.gov/display/TPC/Data+Retention+Tool","rect":[72.0,124.1966323852539,324.9404262647629,114.2439956665039]},{"page":55,"text":"19","rect":[72.0,154.81973266601563,88.12512542915344,145.25082397460938]},{"page":55,"text":"•","rect":[84.1760025024414,175.6161651611328,91.91694251155853,172.74693298339845]},{"page":55,"text":"•","rect":[84.1760025024414,187.57118225097657,91.91694251155853,184.7019500732422]},{"page":55,"text":"•","rect":[84.17599487304688,199.5261993408203,91.916934882164,196.65696716308595]},{"page":55,"text":"•","rect":[84.17599487304688,211.48121643066407,91.916934882164,208.6119842529297]},{"page":55,"text":"•","rect":[84.17599487304688,223.4362335205078,91.916934882164,220.56700134277345]},{"page":55,"text":"•","rect":[84.1760025024414,235.39222717285157,91.91694251155853,232.5229949951172]},{"page":55,"text":"•","rect":[84.17601013183594,247.3472442626953,91.91695014095306,244.47801208496095]},{"page":55,"text":"•","rect":[84.17601013183594,259.30224609375,91.91695014095306,256.43304443359377]},{"page":55,"text":"•","rect":[84.17601013183594,271.25726318359377,91.91695014095306,268.3880615234375]},{"page":55,"text":"•","rect":[84.17601013183594,283.2122497558594,91.91695014095306,280.3430480957031]},{"page":55,"text":"•","rect":[84.1760025024414,295.167236328125,91.91694251155853,292.29803466796877]},{"page":55,"text":"•","rect":[84.17601013183594,307.12322998046877,91.91695014095306,304.2540283203125]},{"page":55,"text":"•","rect":[84.17601013183594,319.0782165527344,91.91695014095306,316.2090148925781]},{"page":55,"text":"•","rect":[84.1760025024414,342.98822021484377,91.91694251155853,340.1190185546875]},{"page":55,"text":"•","rect":[84.1760025024414,354.9432373046875,91.91694251155853,352.07403564453127]},{"page":55,"text":"•","rect":[84.1760025024414,366.8982238769531,91.91694251155853,364.0290222167969]},{"page":55,"text":"•","rect":[84.17601013183594,378.854248046875,91.91695014095306,375.98504638671877]},{"page":55,"text":"•","rect":[84.1760025024414,390.8092346191406,91.91694251155853,387.9400329589844]},{"page":55,"text":"•","rect":[84.1760025024414,402.76422119140627,91.91694251155853,399.89501953125]},{"page":55,"text":"•","rect":[84.1760025024414,414.71923828125,91.91694251155853,411.85003662109377]},{"page":55,"text":"•","rect":[84.1760025024414,426.67425537109377,91.91694251155853,423.8050537109375]},{"page":55,"text":"•","rect":[84.1760025024414,438.6292419433594,91.91694251155853,435.7600402832031]},{"page":55,"text":"•","rect":[84.1760025024414,450.5852355957031,91.91694251155853,447.7160339355469]},{"page":55,"text":"•","rect":[84.1760025024414,462.54022216796877,91.91694251155853,459.6710205078125]},{"page":55,"text":"•","rect":[84.1760025024414,474.4952392578125,91.91694251155853,471.62603759765627]},{"page":55,"text":"•","rect":[84.1760025024414,486.45025634765627,91.91694251155853,483.5810546875]},{"page":55,"text":"•","rect":[84.17601013183594,498.4052429199219,91.91695014095306,495.5360412597656]},{"page":55,"text":"•","rect":[84.1760025024414,522.3162231445313,91.91694251155853,519.447021484375]},{"page":55,"text":"•","rect":[84.1760025024414,558.1812133789063,91.91694251155853,555.31201171875]},{"page":55,"text":"Appendix A: Acronyms and Abbreviations","rect":[104.26460266113281,157.51681518554688,406.42418373394016,144.6195831298828]},{"page":55,"text":"ATAK A` ndroid Team Awareness Kit","rect":[96.9070053100586,176.58253479003907,261.3376566734314,169.3496856689453]},{"page":55,"text":"CA `Certifcate Authority (for digital certifcates)","rect":[96.9070053100586,190.91860961914063,312.1918742027283,180.96597290039063]},{"page":55,"text":"CN Common Name (of a digital certifcate)","rect":[96.90699768066406,202.87362670898438,289.4832560386658,192.92098999023438]},{"page":55,"text":"CoT C` ursor-on-Target, an XML-based data interchange format","rect":[96.90699768066406,214.39028930664063,375.8786417808533,205.32432556152345]},{"page":55,"text":"CRL Certifcate Revocation List","rect":[96.90699768066406,224.51219177246095,241.28565472030639,217.2793426513672]},{"page":55,"text":"DoD `Department of Defense (United States)","rect":[96.9070053100586,238.73965454101563,294.2271830406189,228.78701782226563]},{"page":55,"text":"DISA `Defense Information Systems Agency","rect":[96.90701293945313,250.25631713867188,290.45658889865879,241.0807647705078]},{"page":55,"text":"ESAPI Enterprise Security Application Programming Interface","rect":[96.90701293945313,262.2113342285156,376.24218091201785,253.03578186035157]},{"page":55,"text":"EPL E` valuated Products List","rect":[96.90701293945313,272.2236633300781,228.62949627304077,265.2099914550781]},{"page":55,"text":"HTTP Hypertext Transfer Protocol","rect":[96.90701293945313,286.11138916015627,256.8409694776535,277.0553894042969]},{"page":55,"text":"IA I` nformation Assurance","rect":[96.9070053100586,296.1336364746094,212.11281689834596,288.9007873535156]},{"page":55,"text":"IP `Internet Protocol","rect":[96.90701293945313,308.0896301269531,187.51205102062228,301.0759582519531]},{"page":55,"text":"IPv4 `Internet Protocol, version 4. The commonly-used version of IP, in which addresses consist of four","rect":[96.9070053100586,321.9773864746094,539.788172173164,312.92138671875]},{"page":55,"text":"integers from zero to 255 (inclusive), separated by periods, such as 192.168.123.4","rect":[96.9070053100586,334.38067626953127,448.7859568595886,324.42803955078127]},{"page":55,"text":"JCE Java Cryptography Extensions","rect":[96.9070053100586,345.8973083496094,255.65008730125428,336.83135986328127]},{"page":55,"text":"JDK Java Development Kit, a JRE with additional tools and libraries.","rect":[96.9070053100586,357.7327880859375,408.68694726085666,348.8959655761719]},{"page":55,"text":"JKS J` ava Key Store","rect":[96.9070053100586,369.79736328125,187.7363367958069,360.7413635253906]},{"page":55,"text":"JRE `Java Runtime Environment","rect":[96.9070053100586,379.93023681640627,241.871012386322,372.88665771484377]},{"page":55,"text":"KML Keyhole Markup Language, the XML-based data format used by Google Earth","rect":[96.9070053100586,393.71832275390627,471.9200204515457,384.6523742675781]},{"page":55,"text":"OS `Operating System","rect":[96.9070053100586,405.6733093261719,193.7939627828598,396.60736083984377]},{"page":55,"text":"OWASP Open Web Application Security Project","rect":[96.9070053100586,417.6183776855469,315.74357098007206,408.4527893066406]},{"page":55,"text":"NIAP `National Information Assurance Partnership","rect":[96.9070053100586,429.46380615234377,323.7049020433426,420.4078063964844]},{"page":55,"text":"PKCS12 Public-Key Cryptography Standard #12","rect":[96.9070053100586,441.538330078125,319.992835521698,432.4723815917969]},{"page":55,"text":"TCP T` ransmission Control Protocol","rect":[96.9070053100586,451.6612243652344,257.6832698926926,444.4283752441406]},{"page":55,"text":"RHEL `Red Hat Enterprise Linux","rect":[96.9070053100586,465.32977294921877,245.5295716867447,456.4929504394531]},{"page":55,"text":"UDP U` ser Datagram Protocol","rect":[96.9070053100586,477.4043273925781,232.53777733898165,468.4479675292969]},{"page":55,"text":"SSL Secure Sockets Layer","rect":[96.9070053100586,489.3493957519531,211.05660086917878,480.29339599609377]},{"page":55,"text":"TAK T` eam Awareness Kit, a mobile or desktop application that sends and receives real-time information","rect":[96.9070053100586,501.1947937011719,539.5883968813752,492.1387939453125]},{"page":55,"text":"through TAK Server.","rect":[96.9070053100586,513.2693481445313,189.33004418468478,504.0937805175781]},{"page":55,"text":"TLS Transport Layer Security, a newer and more-secure protocol derived from SSL. The terms SSL","rect":[96.9070053100586,525.21533203125,539.9248234108512,516.1593627929688]},{"page":55,"text":"and TLS are often used interchangeably. Technically, TLS provides a superset of SSL’s capabilities and","rect":[96.9070053100586,537.1803588867188,539.5576351626252,528.1143798828125]},{"page":55,"text":"should always be preferred.","rect":[96.9070053100586,549.1253662109375,215.69106713390353,540.0693969726563]},{"page":55,"text":"XML `Extensible Markup Language","rect":[96.9070053100586,561.09033203125,254.4761591835022,552.1339111328125]},{"page":55,"text":"`20 Appendix B: Certifcate Generation","rect":[72.00000762939453,594.7628173828125,357.6758476495743,581.95166015625]},{"page":55,"text":"`TAK Server includes scripts for generating a private security enclave, which will create a Certifcate Authority","rect":[71.64099884033203,615.8573608398438,539.8423058536395,606.6817626953125]},{"page":55,"text":"(CA) as well as server and client certifcates.","rect":[70.83399963378906,628.250732421875,265.47332421398166,618.298095703125]},{"page":55,"text":"F` irst, fgure out how many client certifcates you are going to need. Ideally you should have a diferent client","rect":[72.0,645.745361328125,539.7970085150047,636.6793823242188]},{"page":55,"text":"c` ert for each ATAK device on your network.","rect":[72.0,657.6903686523438,265.10503808116916,648.5247802734375]},{"page":55,"text":"`Become the tak user:","rect":[72.0,673.6896362304688,164.01458397960665,666.6759643554688]},{"page":55,"text":"s` udo su tak","rect":[72.0,691.5728149414063,129.53401477336883,685.4358520507813]},{"page":55,"text":"`Edit the certifcate-generation confguration fle, at this location:","rect":[72.0,717.476318359375,353.9614223585129,708.4103393554688]},{"page":55,"text":"54","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.143310546875]},{"page":56,"text":"/opt/tak/certs/cert-metadata.sh","rect":[72.0,84.16468811035156,234.14126880168915,75.04890441894531]},{"page":56,"text":"`Set options for country, state, city, organization, and organizational_unit.","rect":[72.0,107.2992935180664,394.5490688428879,98.23332214355469]},{"page":56,"text":"C` hange directory:","rect":[72.0,125.2313003540039,149.7381557569504,116.16532897949219]},{"page":56,"text":"cd /opt/tak/certs","rect":[72.0,142.70765686035157,160.91612536907196,133.5918731689453]},{"page":56,"text":"`Create a certifcate authority (CA):","rect":[72.0,166.28060913085938,227.16749230480196,156.32797241210938]},{"page":56,"text":"./makeRootCa.sh","rect":[72.0,181.9329071044922,150.45547778606415,174.20191955566407]},{"page":56,"text":"`Follow the prompt to name the CA.","rect":[72.0,206.33274841308595,229.21978417491915,197.27674865722657]},{"page":56,"text":"`Create a server certifcate:","rect":[72.0,222.5521697998047,186.6097377882004,215.31932067871095]},{"page":56,"text":"./makeCert.sh","rect":[72.0,240.4759979248047,139.994753909111,232.74501037597657]},{"page":56,"text":"server","rect":[145.22511291503907,239.0,176.60728747844696,234.0]},{"page":56,"text":"takserver","rect":[181.837646484375,239.70887756347657,228.91090686321258,233.57191467285157]},{"page":56,"text":"`This command will result in a server certifcate named ‘/opt/tak/certs/fles/takserver.jks’","rect":[71.64099884033203,265.4337463378906,463.66927758312229,255.48110961914063]},{"page":56,"text":"`Create one or more client certifcates. You should use a diferent client cert for each ATAK device on your","rect":[72.0,282.9183654785156,539.7518458061121,273.7527770996094]},{"page":56,"text":"n` etwork. This username will be provisioned in the certifcate as the CN (Common Name). When using certs on","rect":[72.0,295.3216857910156,539.5570248110627,285.3690490722656]},{"page":56,"text":"`devices that are connected to an input that is confgured for group fltering without authentication messages,","rect":[72.0,306.83831787109377,540.9097478446178,297.7723693847656]},{"page":56,"text":"`this username will be used by TAK Server to look up group membership information in an authentication","rect":[72.0,318.7933044433594,539.5472900763473,309.6177673339844]},{"page":56,"text":"`repository, such as Active Directory (AD). This command will create a cert for the username user:","rect":[72.0,331.18768310546877,501.6371120557785,321.23504638671877]},{"page":56,"text":"./makeCert.sh","rect":[72.0,346.8399353027344,139.994753909111,339.1089782714844]},{"page":56,"text":"client","rect":[145.22511291503907,346.07281494140627,176.60728747844696,339.93585205078127]},{"page":56,"text":"user","rect":[181.837646484375,346.07281494140627,202.75909717082977,341.63946533203127]},{"page":56,"text":"`Generate another cert, named admin to access the admin UI:","rect":[72.0,370.0,339.3563198194504,362.29339599609377]},{"page":56,"text":"./makeCert.sh","rect":[72.0,387.449951171875,139.994753909111,379.718994140625]},{"page":56,"text":"client","rect":[145.22511291503907,386.6828308105469,176.60728747844696,380.5458679199219]},{"page":56,"text":"admin","rect":[181.837646484375,386.6828308105469,207.98945910930633,380.5458679199219]},{"page":56,"text":"T` he generated CA truststores and certs will be located here:","rect":[71.64099884033203,411.9693603515625,336.01852074718479,402.7938232421875]},{"page":56,"text":"/opt/tak/certs/files","rect":[72.0,429.4457092285156,176.60728747844696,420.3299560546875]},{"page":56,"text":"`Follow the instruction on “Confgure TAK Server Certifcate” to set up the server to use the generated certs","rect":[72.0,452.580322265625,539.5352847260301,443.40478515625]},{"page":56,"text":"`and to authenticate users on a TLS port. If using the default confguration, TLS will be correctly set up on","rect":[72.0,464.53533935546877,539.5518536368379,455.4693908691406]},{"page":56,"text":"8443.","rect":[72.0,474.6572265625,94.684841547966,467.70330810546877]},{"page":56,"text":"`Become a normal user:","rect":[72.0,492.48065185546877,171.52637902355196,485.46697998046877]},{"page":56,"text":"exit","rect":[72.0,509.746826171875,92.9214583158493,503.6596984863281]},{"page":56,"text":"`Restart the TAK Server:","rect":[72.0,533.2002563476563,179.53631249523165,525.8577880859375]},{"page":56,"text":"`sudo","rect":[72.0,551.0,92.9214583158493,544.2208251953125]},{"page":56,"text":"systemctl","rect":[98.15182495117188,552.5695190429688,145.22511584758758,544.2208251953125]},{"page":56,"text":"restart","rect":[150.45547485351563,551.0,187.06801135540008,544.7886962890625]},{"page":56,"text":"takserver","rect":[192.29837036132813,551.0,239.3716307401657,544.2208251953125]},{"page":56,"text":"`Authorize the admin cert to perform administrative functions using the UI:","rect":[71.62100219726563,575.6443481445313,400.6258510694504,566.46875]},{"page":56,"text":"s` udo","rect":[72.0,592.0,92.9214583158493,584.830810546875]},{"page":56,"text":"java","rect":[98.15182495117188,593.1795043945313,119.07329089641572,584.890625]},{"page":56,"text":"-jar","rect":[124.30364990234375,593.1795043945313,145.22511584758758,584.890625]},{"page":56,"text":"/opt/tak/utils/UserManager.jar","rect":[150.45547485351563,593.189453125,307.3663511991501,584.00390625]},{"page":56,"text":"certmod","rect":[312.5966796875,592.0,349.2092772245407,584.830810546875]},{"page":56,"text":"-A","rect":[354.4396667480469,592.0,364.9004088163376,584.7112426757813]},{"page":56,"text":"/opt/tak/certs/files/admin.pem","rect":[370.13079833984377,593.1196899414063,527.0421324491501,584.00390625]},{"page":56,"text":"2` 0.1 Confgure TAK Server Certifcate","rect":[72.0,626.2930297851563,307.9119788818359,615.5333251953125]},{"page":56,"text":"`In /opt/tak, check the following settings in CoreConfg.xml:","rect":[72.0,644.771728515625,333.6776088819504,634.819091796875]},{"page":56,"text":"1.","rect":[84.177001953125,660.2239990234375,91.91794243907929,653.5889282226563]},{"page":56,"text":"2.","rect":[84.17699432373047,696.0900268554688,91.91793480968475,689.4549560546875]},{"page":56,"text":"In the <tls> element, the keystoreFile attribute should be set to the server keystore that was gen-","rect":[96.9070053100586,662.266357421875,541.162766198186,653.3099365234375]},{"page":56,"text":"erated with makeCerts.sh, above. If you followed the instructions verbatim, the server keystore is","rect":[96.9070053100586,674.2113647460938,539.5165868972156,665.1553955078125]},{"page":56,"text":"‘/opt/tak/certs/fles/takserver.jks’.","rect":[95.5219955444336,686.61572265625,247.57119408702853,676.6630859375]},{"page":56,"text":"`Also in the <tls> element, the truststoreFile attribute should be set to the the trust store that","rect":[96.52799987792969,697.0,539.7573125652029,688.9567260742188]},{"page":56,"text":"w` as generated with makeCerts.sh, above. If you used the default arguments, your trust store fle is","rect":[96.54800415039063,710.0873413085938,539.5539404128406,701.0213623046875]},{"page":56,"text":"‘/opt/tak/certs/fles/truststore-root.jks’.","rect":[95.5219955444336,722.480712890625,271.421657954216,712.528076171875]},{"page":56,"text":"55","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":57,"text":"3. In the <network> element, add a TLS input, specifying group-based fltering without requiring an","rect":[84.177001953125,84.00528717041016,539.54699314281,74.93931579589844]},{"page":57,"text":"authentication message:","rect":[96.9070053100586,95.9603042602539,200.68740502452853,87.00392150878906]},{"page":57,"text":"<` input","rect":[72.0,114.05281066894531,103.38218982219697,105.82369995117188]},{"page":57,"text":"_name=\"stdssl\"","rect":[108.61255645751953,113.0,181.83766467571258,105.65433502197266]},{"page":57,"text":"protocol=\"tls\"","rect":[187.06802368164063,114.05281066894531,260.2931395292282,105.65433502197266]},{"page":57,"text":"port=\"8089\"","rect":[265.5235290527344,114.05281066894531,323.0575438261032,105.65433502197266]},{"page":57,"text":"auth=\"x509\"/>","rect":[328.2879333496094,112.66800689697266,396.28270251750947,104.93702697753906]},{"page":57,"text":"Y` ou can change the port number if you want. Example:","rect":[71.62100219726563,137.80337524414063,315.4157680616379,128.73741149902345]},{"page":57,"text":"`<network","rect":[72.0,153.7438507080078,113.84292132854462,147.6068878173828]},{"page":57,"text":"multicastTTL=\"5\">","rect":[119.07328796386719,153.7936553955078,207.98945910930633,147.49729919433595]},{"page":57,"text":"<!--","rect":[82.46099853515625,166.0,103.38245685100556,159.4523162841797]},{"page":57,"text":"<input","rect":[108.61282348632813,167.8507843017578,139.99501330852508,159.62167358398438]},{"page":57,"text":"_name=\"stdtcp\"","rect":[145.2253875732422,167.8507843017578,218.45047290325165,159.4523162841797]},{"page":57,"text":"protocol=\"tcp\"","rect":[223.6808319091797,167.8507843017578,296.9059630155563,159.4523162841797]},{"page":57,"text":"port=\"8087\"/>","rect":[302.1363525390625,167.8507843017578,370.1311217069626,158.73500061035157]},{"page":57,"text":"-->","rect":[375.3614807128906,165.0911407470703,391.0525694608688,160.0]},{"page":57,"text":"<!--","rect":[82.46099853515625,178.0,103.38245685100556,171.4072723388672]},{"page":57,"text":"<input","rect":[108.61282348632813,179.8057403564453,139.99501330852508,171.57662963867188]},{"page":57,"text":"_name=\"stdudp\"","rect":[145.2253875732422,179.8057403564453,218.45047290325165,171.4072723388672]},{"page":57,"text":"protocol=\"udp\"","rect":[223.6808319091797,179.8057403564453,296.9059630155563,171.4072723388672]},{"page":57,"text":"port=\"8087\"/>","rect":[302.1363525390625,179.8057403564453,370.1311217069626,170.68995666503907]},{"page":57,"text":"-->","rect":[375.3614807128906,177.0460968017578,391.0525694608688,172.0]},{"page":57,"text":"<input","rect":[82.46099853515625,191.76075744628907,113.84318835735322,183.53164672851563]},{"page":57,"text":"_name=\"stdssl\"","rect":[119.07355499267578,190.0,192.29866321086883,183.36228942871095]},{"page":57,"text":"protocol=\"tls\"","rect":[197.52902221679688,191.76075744628907,270.75413806438447,183.36228942871095]},{"page":57,"text":"port=\"8089\"","rect":[275.9845275878906,191.76075744628907,333.51854236125947,183.36228942871095]},{"page":57,"text":"auth=\"x509\"/>","rect":[338.7489318847656,190.37596130371095,406.7437010526657,182.6449737548828]},{"page":57,"text":"<!--","rect":[82.46099853515625,202.0,103.38245685100556,195.31724548339845]},{"page":57,"text":"<input","rect":[108.61282348632813,203.71571350097657,139.99501330852508,195.48660278320313]},{"page":57,"text":"_name=\"streamtcp\"","rect":[145.2253875732422,203.71571350097657,234.1415739774704,195.31724548339845]},{"page":57,"text":"protocol=\"stcp\"","rect":[239.37193298339845,203.71571350097657,317.8274107694626,195.31724548339845]},{"page":57,"text":"port=\"8088\"/>","rect":[323.05780029296877,203.71571350097657,391.0525694608688,194.5999298095703]},{"page":57,"text":"-->","rect":[396.2829284667969,201.0,411.9740172147751,195.9747772216797]},{"page":57,"text":"<!--","rect":[82.46099853515625,214.0,103.38245685100556,207.2722625732422]},{"page":57,"text":"<input","rect":[108.61282348632813,215.6707305908203,139.99501330852508,207.44161987304688]},{"page":57,"text":"_name=\"SAproxy\"","rect":[145.2253875732422,215.73049926757813,223.6808348417282,207.26229858398438]},{"page":57,"text":"protocol=\"mcast\"","rect":[228.91119384765626,215.6707305908203,312.5970640897751,207.2722625732422]},{"page":57,"text":"group=\"239.2.3.1\"","rect":[317.82745361328127,215.74046325683595,406.7436705350876,207.2722625732422]},{"page":57,"text":"port=\"6969\"","rect":[411.97406005859377,215.6707305908203,469.5080748319626,207.2722625732422]},{"page":57,"text":"proxy=\"true\"`/>","rect":[102.38600158691406,227.68649291992188,175.61110217571258,218.5109405517578]},{"page":57,"text":"-->","rect":[180.8414764404297,225.0,196.5325651884079,219.8857879638672]},{"page":57,"text":"<!--","rect":[82.46099853515625,238.0,103.38245685100556,231.1832733154297]},{"page":57,"text":"<input","rect":[108.61282348632813,239.5817413330078,139.99501330852508,231.35263061523438]},{"page":57,"text":"_name=\"GeoChatproxy\"","rect":[145.2253875732422,239.64151000976563,249.83267505168915,231.1832733154297]},{"page":57,"text":"protocol=\"mcast\"","rect":[255.0630340576172,239.5817413330078,338.74888904094697,231.1832733154297]},{"page":57,"text":"group=\"224.10.10.1\"","rect":[343.9792785644531,239.65147399902345,443.3562498807907,231.17330932617188]},{"page":57,"text":"port=\"17012\"","rect":[448.5866394042969,239.5817413330078,511.3510313749313,231.13345336914063]},{"page":57,"text":"proxy=\"true\"`/>","rect":[102.38600158691406,251.59652709960938,175.61110217571258,242.4209747314453]},{"page":57,"text":"-->","rect":[180.8414764404297,249.0,196.5325651884079,243.7958221435547]},{"page":57,"text":"<!--<announce","rect":[82.46099853515625,261.33978271484377,150.45575244426727,255.09324645996095]},{"page":57,"text":"enable=\"true\"","rect":[155.6859893798828,261.33978271484377,223.680544924736,255.09324645996095]},{"page":57,"text":"uid=\"Marti1\"","rect":[228.91090393066407,261.33978271484377,291.67528064250947,255.09324645996095]},{"page":57,"text":"group=\"239.2.3.1\"","rect":[296.9056701660156,263.56146240234377,385.8219176054001,255.09324645996095]},{"page":57,"text":"port=\"6969\"","rect":[391.05230712890627,263.49169921875,448.5863219022751,255.09324645996095]},{"page":57,"text":"interval=\"1\"","rect":[453.81671142578127,261.33978271484377,516.5811339139939,255.09324645996095]},{"page":57,"text":"ip=\"192.168.1.137\"","rect":[102.38600158691406,275.44671630859377,196.53258044719696,266.9984436035156]},{"page":57,"text":"/>-->","rect":[201.762939453125,274.0619201660156,227.9147673368454,266.3309631347656]},{"page":57,"text":"</network>","rect":[72.0,286.0179138183594,124.30365283489228,278.2869567871094]},{"page":57,"text":"...","rect":[72.0,298.0,87.69109637737275,295.0]},{"page":57,"text":"<security>","rect":[72.0,311.3725280761719,124.30365283489228,303.0836486816406]},{"page":57,"text":"<tls","rect":[82.46099853515625,321.1158142089844,103.38245685100556,314.9788513183594]},{"page":57,"text":"context=\"TLSv1\"","rect":[108.61282348632813,321.1656494140625,187.06830127239227,314.8692626953125]},{"page":57,"text":"keymanager=\"SunX509\"","rect":[192.2986602783203,323.3374938964844,296.9059630155563,314.8692626953125]},{"page":57,"text":"keystore=\"JKS\"","rect":[302.1363525390625,323.3275146484375,375.3614989042282,314.8692626953125]},{"page":57,"text":"keystoreFile=\"certs/files/takserver.jks\"","rect":[102.38600158691406,335.2825012207031,311.6006346464157,326.1069641113281]},{"page":57,"text":"keystorePass=\"atakatak\"","rect":[316.8310241699219,335.2825012207031,437.1294432401657,326.8242492675781]},{"page":57,"text":"truststore=\"JKS\"","rect":[442.3598327636719,333.1206359863281,526.0456724882126,326.8242492675781]},{"page":57,"text":"truststoreFile=\"certs/files/truststore-root.jks\"","rect":[102.38600158691406,347.2375183105469,353.4435301542282,338.0619812011719]},{"page":57,"text":"truststorePass=\"atakatak\">","rect":[358.6739196777344,345.02581787109377,494.66343982219697,338.7792663574219]},{"page":57,"text":"(Uncomment","rect":[82.46099853515625,358.0,134.7646513700485,350.0179748535156]},{"page":57,"text":"the","rect":[139.99502563476563,358.0,155.68611438274383,350.8448486328125]},{"page":57,"text":"following","rect":[160.91647338867188,359.2034912109375,207.98973376750946,350.78509521484377]},{"page":57,"text":"if","rect":[213.22000122070313,356.9320068359375,223.68072803020477,350.78509521484377]},{"page":57,"text":"you","rect":[228.91200256347657,359.1935119628906,244.60309131145477,352.0]},{"page":57,"text":"are","rect":[249.83346557617188,358.0,265.5245543241501,352.0]},{"page":57,"text":"using","rect":[270.7549133300781,359.2034912109375,296.9067564725876,350.9046325683594]},{"page":57,"text":"a","rect":[302.1371154785156,358.0,307.3674803495407,352.0]},{"page":57,"text":"CRL)","rect":[312.59783935546877,357.7389831542969,333.5193053007126,350.0179748535156]},{"page":57,"text":"<!--","rect":[82.46099853515625,369.0,103.38245685100556,362.69024658203127]},{"page":57,"text":"<crl","rect":[108.61282348632813,369.0,129.53428943157196,362.7998352050781]},{"page":57,"text":"_name=\"Marti","rect":[134.7646484375,369.0,197.5290251493454,362.69024658203127]},{"page":57,"text":"CA\"","rect":[202.75938415527345,368.98663330078127,218.45047290325165,362.6802978515625]},{"page":57,"text":"crlFile=\"certs/ca.crl\"/>","rect":[223.6808319091797,369.70391845703127,349.2096434354782,361.97296142578127]},{"page":57,"text":"-->","rect":[359.67034912109377,368.3291015625,375.3614683866501,363.0]},{"page":57,"text":"</tls>","rect":[82.46099853515625,381.658935546875,113.84318835735322,373.927978515625]},{"page":57,"text":"</security>","rect":[72.0,395.0585021972656,129.53401477336883,385.8829650878906]},{"page":57,"text":"T` hen (re)start the TAK Server as normal.","rect":[71.64099884033203,419.18768310546877,255.46087304210665,409.23504638671877]},{"page":57,"text":"`20.2 Installing Client Certifcates","rect":[72.0,446.987060546875,275.7525135498047,436.22735595703127]},{"page":57,"text":"Take the truststore-root.p12 and user.p12 fles and copy them to your Android device. In ATAK, open","rect":[71.64099884033203,465.0173645019531,539.58410251781,455.8517761230469]},{"page":57,"text":"‘Settings -> General Settings -> Network Settings’ and set the SSL/TLS Truststore and Client Certifcate","rect":[70.61499786376953,477.4206848144531,539.5145642268047,467.4680480957031]},{"page":57,"text":"p` references to point to those .p12 fles.","rect":[72.0,488.8177795410156,240.57712975597384,479.8713684082031]},{"page":57,"text":"`Repeat the procedure described above for creating a new server connection, but be sure to select SSL as the","rect":[72.0,506.87030029296877,539.5450251387956,497.8043518066406]},{"page":57,"text":"p` rotocol.","rect":[72.0,518.7057495117188,110.45563927745819,509.8689270019531]},{"page":57,"text":"These same .p12 fles can be installed in a browser, and used to access the Web UI (for admin use) and","rect":[71.64099884033203,537.1967163085938,539.5941733185913,527.2440795898438]},{"page":57,"text":"W ` ebTAK (for normal users or admins). The process to install these fles varies by browser and operating","rect":[71.49199676513672,549.1517333984375,539.5568779281368,539.1990966796875]},{"page":57,"text":"s` ystem, but can generally be confgured by going to the browser preferences, and the security or certifcates","rect":[72.0,560.6683349609375,539.510271221988,551.6023559570313]},{"page":57,"text":"section.","rect":[72.0,570.6806030273438,104.66737023448944,564.0355834960938]},{"page":57,"text":"2` 1 Appendix C: Certifcate Signing","rect":[72.0,606.396240234375,331.27881195259098,593.484619140625]},{"page":57,"text":"`TAK Clients can enroll for new client certifcates by submitting a Certifcate Signing Request (CSR) to TAK","rect":[71.64099884033203,627.8287353515625,539.9193016500541,617.8760986328125]},{"page":57,"text":"`Server. The Certifcate Signing endpoint resides on port 8446 and requires HTTP Basic Authentication","rect":[72.0,639.3453369140625,539.5569418732788,630.1697387695313]},{"page":57,"text":"b` acked by either File or LDAP authentication. Ensure that the tomcat connector for port 8446 is active","rect":[72.0,651.2903442382813,539.5366423658105,642.124755859375]},{"page":57,"text":"`within tomcat-home/conf/server.xml.","rect":[71.64099884033203,663.6937255859375,234.8582729444504,653.7410888671875]},{"page":57,"text":"The CertifcateSigning section in CoreConfg.xml specifes how CSRs are processed. TAK Server can be","rect":[71.64099884033203,681.1883544921875,539.584127717373,672.0127563476563]},{"page":57,"text":"c` onfgured to sign certifcates directly, or proxy CSRs to a Microsoft CA instance running Certifcate","rect":[72.0,693.1433715820313,539.5466521314355,683.9677734375]},{"page":57,"text":"`Enrollment Services. To confgure TAK Server to sign certifcates, set the CA attribute to “TAKServer”. To","rect":[72.0,705.099365234375,539.5345142696505,695.9237670898438]},{"page":57,"text":"`confgure TAK Server to proxy the CSR to MS CA, set the CA attribute to “MicrosoftCA”.","rect":[72.0,717.0543212890625,472.78545800304416,707.8787231445313]},{"page":57,"text":"56","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":58,"text":"<` certificateSigning","rect":[72.0,84.23442077636719,171.3769255399704,75.7662124633789]},{"page":58,"text":"CA=\"{TAKServer","rect":[176.60728454589845,83.0,249.83238513469696,75.04890441894531]},{"page":58,"text":"|","rect":[255.062744140625,82.7798843383789,260.2931090116501,75.04890441894531]},{"page":58,"text":"MicrosoftCA}\">","rect":[265.52349853515627,82.7798843383789,338.74864490032197,75.04890441894531]},{"page":58,"text":"<certificateConfig>","rect":[82.46099853515625,96.18943786621094,181.83792407512665,87.72122955322266]},{"page":58,"text":"<nameEntries>","rect":[92.9219970703125,105.92279815673828,160.9167509794235,99.78583526611328]},{"page":58,"text":"`<nameEntry","rect":[103.38200378417969,120.08951568603516,155.68565661907196,111.74085235595703]},{"page":58,"text":"name=\"O\"","rect":[160.916015625,119.0,202.75892932415008,111.63126373291016]},{"page":58,"text":"value=\"Test","rect":[207.98928833007813,117.87781524658203,265.52330310344697,111.63126373291016]},{"page":58,"text":"Org","rect":[270.753662109375,120.09947204589844,286.4447508573532,111.63126373291016]},{"page":58,"text":"Name\"/>","rect":[291.6751403808594,118.64493560791016,328.28770740032197,110.91395568847656]},{"page":58,"text":"<` nameEntry","rect":[103.38200378417969,132.04446411132813,155.68565661907196,123.69580841064453]},{"page":58,"text":"name=\"OU\"","rect":[160.916015625,131.0,207.98929126262665,123.58621978759766]},{"page":58,"text":"value=\"Test","rect":[213.2196502685547,129.83277893066407,270.75364978313447,123.58621978759766]},{"page":58,"text":"Org","rect":[275.9840393066406,132.05442810058595,291.6751280546188,123.58621978759766]},{"page":58,"text":"Unit","rect":[296.905517578125,129.88258361816407,317.8269835233688,123.69580841064453]},{"page":58,"text":"Name\"/>","rect":[323.0573425292969,130.5998992919922,359.66990954875947,122.86891174316406]},{"page":58,"text":"</nameEntries>","rect":[92.9219970703125,142.55491638183595,166.14711291790008,134.8239288330078]},{"page":58,"text":"</certificateConfig>","rect":[82.46099853515625,155.9654998779297,187.0682860136032,146.7799835205078]},{"page":58,"text":"<TAKServerCAConfig","rect":[82.46099853515625,167.92051696777345,176.60756213665008,159.44235229492188]},{"page":58,"text":"keystore=\"JKS\"","rect":[92.9219970703125,179.86550903320313,166.14711291790008,171.4072723388672]},{"page":58,"text":"keystoreFile=\"../certs/files_intCA/intermediate-ca-signing.jks\"","rect":[92.9219970703125,191.8304901123047,422.43504626750947,182.6449737548828]},{"page":58,"text":"keystorePass=\"atakatak\"","rect":[92.9219970703125,203.77548217773438,213.22040088176727,195.31724548339845]},{"page":58,"text":"validityDays=\"30\"","rect":[92.9219970703125,215.73049926757813,181.83819873332977,207.2722625732422]},{"page":58,"text":"signatureAlg=\"SHA256WithRSA\"","rect":[92.9219970703125,227.6964569091797,239.37222583293915,219.21829223632813]},{"page":58,"text":"/>","rect":[244.6025848388672,226.24192810058595,255.06331164836883,218.5109405517578]},{"page":58,"text":"<MicrosoftCAConfig","rect":[82.46099853515625,239.65147399902345,176.60756213665008,231.17330932617188]},{"page":58,"text":"username=\"{MS CA","rect":[92.9219970703125,250.15196228027345,176.60782153606415,242.4209747314453]},{"page":58,"text":"Username}\"","rect":[181.8381805419922,250.15196228027345,234.14183337688446,242.4209747314453]},{"page":58,"text":"password=\"{MS","rect":[92.9219970703125,263.49169921875,160.91673572063446,254.3759307861328]},{"page":58,"text":"CA","rect":[166.1470947265625,261.3896179199219,176.60782153606415,255.08328247070313]},{"page":58,"text":"Password}\"","rect":[181.8381805419922,262.1069030761719,234.14183337688446,254.3759307861328]},{"page":58,"text":"truststore=\"/opt/tak/certs/files_MSCA/keystore.jks\"","rect":[92.9219970703125,275.5065002441406,359.6706724882126,266.3309631347656]},{"page":58,"text":"truststorePass=\"atakatak\"","rect":[92.9219970703125,285.25079345703127,223.6811247587204,279.0042419433594]},{"page":58,"text":"svcUrl=\"https://win-kbtud3n1hjl.tak.net/tak-WIN-KBTUD3N1HJL-CA_CES_UsernamePassword/service.svc\"","rect":[92.9219970703125,299.4175109863281,595.0370665311814,290.2419738769531]},{"page":58,"text":"templateName=\"Copy","rect":[92.9219970703125,311.3725280761719,187.0685759305954,302.9142761230469]},{"page":58,"text":"of","rect":[192.29893493652345,309.16082763671877,202.75966174602508,302.964111328125]},{"page":58,"text":"User\"/>","rect":[207.99002075195313,309.9279479980469,244.60257251262665,302.1969909667969]},{"page":58,"text":"</certificateSigning>","rect":[72.0,323.3374938964844,181.8376494169235,314.1519775390625]},{"page":58,"text":"P` rior to submitting a CSR, Clients query TAK Server for Relative Distinguished Names (RDNs) that need","rect":[72.0,347.4566955566406,539.5314511093526,337.5040588378906]},{"page":58,"text":"t` o go into the CSR. The nameEntries element in CoreConfg.xml specifes the required RDNs, giving the","rect":[72.0,358.9743347167969,539.546774201748,349.90838623046877]},{"page":58,"text":"`administrator control over generated certifcates. The CN value in the CSR will be equal to the HTTP","rect":[72.0,370.9293212890625,539.5671635525786,361.8633728027344]},{"page":58,"text":"`username. TAK Server validates all required felds in the CSR prior to signing.","rect":[72.0,382.88433837890627,417.01473656749729,373.70880126953127]},{"page":58,"text":"T` he extra step of having client query TAK Server for RDNs wouldn’t be required if TAK Server were signing","rect":[71.64099884033203,400.81732177734377,539.5396939941654,391.64178466796877]},{"page":58,"text":"`certifcates exclusively, since TAK Server could just add these names to the certifcate. However, when","rect":[72.0,412.7623596191406,539.5061606232788,403.5967712402344]},{"page":58,"text":"`proxying the CSR to an external CA, this allows additional fexibility in controlling the subject name within","rect":[72.0,424.7273254394531,539.4988555693279,415.5517883300781]},{"page":58,"text":"`the certifcate.","rect":[72.0,434.7396545410156,134.4854244337082,427.61639404296877]},{"page":58,"text":"T` he TAKServerCAConfg element specifes the keystore that TAK Server will use for signing certifcates. The","rect":[71.64099884033203,454.6153564453125,539.5396994386939,445.4398193359375]},{"page":58,"text":"k` eystore must hold the CA’s private key along with it’s full trust chain. The makeCert.sh script will produce","rect":[72.0,466.5703125,539.4886130129127,457.394775390625]},{"page":58,"text":"`a signing keystore when generating an intermediate CA certifcate. Certifcates signed by TAK Server will be","rect":[72.0,478.52532958984377,539.5275534426002,469.34979248046877]},{"page":58,"text":"v` alid for the specifed validityDays, and will be signed using the algorithm specifed by signatureAlg.","rect":[71.74099731445313,490.4803161621094,510.72295800304416,481.3047790527344]},{"page":58,"text":"T` he MicrosoftCAConfg element defnes how TAK Server will connect to the Certifcate Enrollment Services","rect":[71.64099884033203,508.413330078125,539.5506045502489,499.23779296875]},{"page":58,"text":"(CES) endpoint. The CES endpoint is defned by the svcUrl attribute. The CES endpoint must be confgured","rect":[70.83399963378906,520.8067016601563,539.5234554751252,510.8540344238281]},{"page":58,"text":"t` o use Username/Password authentication, and by default will include ‘UsernamePassword’ in the URL. The","rect":[72.0,532.76171875,539.5719836133768,522.80908203125]},{"page":58,"text":"u` sername and password attributes refer to an account confgured on the MS CA Server to access the the CES","rect":[72.0,544.2793579101563,539.5861385805939,535.103759765625]},{"page":58,"text":"`endpoint. The truststore and truststorePass attrbitues point to a Java keystore (.jks) fle that contains the","rect":[72.0,556.6727294921875,539.4684028478533,546.7200927734375]},{"page":58,"text":"`trust chain for the svcUrl endpoint. Lastly, the templateName defnes the certifcate template that will be","rect":[72.0,568.1793212890625,539.4906064801448,559.1233520507813]},{"page":58,"text":"u` sed to sign CSRs sent from TAK Server.","rect":[72.0,580.1443481445313,253.8273891553879,570.96875]},{"page":58,"text":"`22 Appendix D: PostgreSQL TLS Confguration","rect":[72.0,613.917236328125,422.21939623355868,601.005615234375]},{"page":58,"text":"`22.1 Confgure PostgreSQL server to use TLS","rect":[72.0,637.2520751953125,349.9464569091797,626.4923706054688]},{"page":58,"text":"• Follow the steps in Appendix B (Certifcate Generation) to generate CA keys and certifcates if not","rect":[84.1760025024414,655.730712890625,539.8214605144217,645.778076171875]},{"page":58,"text":"already done so.","rect":[96.9070053100586,667.2383422851563,167.49203148937228,658.2919311523438]},{"page":58,"text":"• Generate PostgreSQL server keys and certifcates:","rect":[84.1760025024414,685.1803588867188,314.34075585460666,676.1143798828125]},{"page":58,"text":"cd /opt/tak/certs","rect":[72.0,703.272705078125,160.91612536907196,694.1569213867188]},{"page":58,"text":"`sudo su tak","rect":[72.0,713.0758056640625,129.53401477336883,706.9388427734375]},{"page":58,"text":"57","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.1532592773438]},{"page":59,"text":"./makeCert.sh","rect":[72.0,82.7798843383789,139.994753909111,75.04890441894531]},{"page":59,"text":"server","rect":[145.22511291503907,82.01276397705078,176.60728747844696,77.57940673828125]},{"page":59,"text":"takdb","rect":[181.837646484375,82.01276397705078,207.98945910930633,75.87580108642578]},{"page":59,"text":"B` ecome a normal user","rect":[72.0,105.97254943847656,168.76674491214753,98.95887756347656]},{"page":59,"text":"exit","rect":[72.0,123.85578155517578,92.9214583158493,117.76863098144531]},{"page":59,"text":"s` udo chown postgres","rect":[72.0,138.03245544433595,171.3769255399704,129.67384338378907]},{"page":59,"text":"/opt/tak/certs/files/takdb.key","rect":[176.60728454589845,138.02249145507813,333.5181456327438,128.84693908691407]},{"page":59,"text":"• Update postgresql.conf. The fle location can be diferent depending on your","rect":[84.1760025024414,161.71328735351563,430.52455741214757,152.64732360839845]},{"page":59,"text":"– RHEL/Rocky/CentOS: /var/lib/pgsql/15/data/postgresql.conf","rect":[108.11500549316406,174.10665893554688,422.7397948026657,164.15402221679688]},{"page":59,"text":"– Ubuntu/RaspPi: /etc/postgresql/15/main/postgresql.conf","rect":[108.114990234375,186.06265258789063,399.5201597929001,176.11001586914063]},{"page":59,"text":"`sudo vim /var/lib/pgsql/15/data/postgresql.conf","rect":[72.0,203.7854461669922,317.8270445585251,194.5999298095703]},{"page":59,"text":"`ssl = on","rect":[72.0,213.51881408691407,113.84292132854462,207.38185119628907]},{"page":59,"text":"`ssl_ca_file = ’/opt/tak/certs/files/ca.pem’","rect":[72.0,227.62672424316407,296.9057188749313,218.5109405517578]},{"page":59,"text":"`ssl_cert_file = ’/opt/tak/certs/files/takdb.pem’","rect":[72.0,239.5817413330078,323.0575438261032,230.46595764160157]},{"page":59,"text":"`ssl_key_file","rect":[72.0,251.59652709960938,134.76439197063446,243.18809509277345]},{"page":59,"text":"=","rect":[139.9947509765625,250.0,145.22511584758758,245.0]},{"page":59,"text":"’/opt/tak/certs/files/takdb.key’","rect":[150.45547485351563,251.59652709960938,317.8271971464157,242.4209747314453]},{"page":59,"text":"# Make sure to update the next line to use the correct","rect":[72.0,263.49169921875,354.4397459745407,255.14305114746095]},{"page":59,"text":"cert-metadata.sh.","rect":[91.92499542236328,274.0,180.841189455986,267.09808349609377]},{"page":59,"text":"`ssl_passphrase_command","rect":[72.0,287.4027099609375,187.06801135540008,279.11383056640627]},{"page":59,"text":"=","rect":[192.29837036132813,286.0,197.5287352323532,281.0]},{"page":59,"text":"’echo","rect":[202.75909423828126,285.25079345703127,228.91092212200165,279.11383056640627]},{"page":59,"text":"\"atakatak\"’","rect":[234.1412811279297,285.25079345703127,291.6753111600876,279.0042419433594]},{"page":59,"text":"`ssl_passphrase_command_supports_reload","rect":[72.0,299.35772705078127,270.7538023710251,291.06884765625]},{"page":59,"text":"=","rect":[275.9841613769531,298.0,281.2145262479782,293.0]},{"page":59,"text":"on","rect":[286.44488525390627,298.0,296.9055968046188,293.0]},{"page":59,"text":"passphrase","rect":[359.67010498046877,263.49169921875,411.9737730741501,255.2028350830078]},{"page":59,"text":"as","rect":[417.2041320800781,261.33978271484377,427.6648741483688,256.9363098144531]},{"page":59,"text":"PostgreSQL","rect":[433.84210205078127,161.71328735351563,485.9066175222397,152.64732360839845]},{"page":59,"text":"configured","rect":[432.8952331542969,263.5514831542969,485.1988707304001,255.14305114746095]},{"page":59,"text":"installation:","rect":[489.234130859375,160.0,540.6809658155441,152.7569122314453]},{"page":59,"text":"in","rect":[490.42926025390627,261.33978271484377,500.89000232219697,255.3124237060547]},{"page":59,"text":"• Update pg_hba.conf. The fle location can be diferent depending on your PostgreSQL installation:","rect":[84.1760025024414,323.10833740234377,530.6187099561691,314.0423889160156]},{"page":59,"text":"– RHEL/Rocky/CentOS: /var/lib/pgsql/15/data/pg_hba.conf","rect":[108.11500549316406,335.5016784667969,401.81834704875947,325.5490417480469]},{"page":59,"text":"– Ubuntu/RaspPi: /etc/postgresql/15/main/pg_hba.conf","rect":[108.114990234375,347.4566650390625,378.5987120389938,337.5040283203125]},{"page":59,"text":"s` udo vim /var/lib/pgsql/15/data/pg_hba.conf","rect":[72.0,365.18048095703127,296.9055968046188,355.9949645996094]},{"page":59,"text":"A` dd this new line:","rect":[71.62100219726563,386.91864013671877,151.29192772960665,379.685791015625]},{"page":59,"text":"`Comment out the following","rect":[72.0,418.9784851074219,202.75909717082977,410.51025390625]},{"page":59,"text":"local connections","rect":[91.92499542236328,428.71282958984377,180.8420134305954,422.57586669921877]},{"page":59,"text":"all","rect":[286.4449462890625,404.8017883300781,302.1360350370407,398.6648254394531]},{"page":59,"text":"if `you also require","rect":[239.37200927734376,418.968505859375,338.7498350858688,410.5600891113281]},{"page":59,"text":"127.0.0.1/32","rect":[291.67535400390627,441.4349365234375,354.4397459745407,433.7039794921875]},{"page":59,"text":"::1/128","rect":[291.67535400390627,453.38995361328127,328.2879210233688,445.65899658203127]},{"page":59,"text":"cert","rect":[411.97369384765627,404.8017883300781,432.8951903104782,399.2326965332031]},{"page":59,"text":"authentication","rect":[364.90167236328127,417.0,438.1267271757126,410.6198425292969]},{"page":59,"text":"trust","rect":[417.2041015625,440.6678161621094,443.3559141874313,434.4710998535156]},{"page":59,"text":"trust","rect":[417.2041015625,452.6228332519531,443.3559141874313,446.4261169433594]},{"page":59,"text":"IPv4/IPv6","rect":[464.27899169921877,417.52392578125,511.35228259563447,409.79296875]},{"page":59,"text":"• Restart PostgreSQL server. Make sure it starts successfully.","rect":[84.1760025024414,478.5253601074219,358.09652367687229,469.45941162109377]},{"page":59,"text":"–","rect":[108.11500549316406,486.0,113.84350035190582,485.0]},{"page":59,"text":"RHEL, Rocky Linux, and CentOS installations:","rect":[118.8239974975586,490.4703674316406,317.2835489444473,481.41436767578127]},{"page":59,"text":"b` ash","rect":[321.35296630859377,489.0,342.2744322538376,482.350830078125]},{"page":59,"text":"sudo","rect":[347.5047912597656,489.0,368.42625720500947,482.350830078125]},{"page":59,"text":"systemctl","rect":[373.6566162109375,490.6994934082031,420.7298765897751,482.350830078125]},{"page":59,"text":"restart","rect":[425.96026611328127,489.0,462.5727720975876,482.918701171875]},{"page":59,"text":"postgresql-15","rect":[467.80316162109377,490.70947265625,535.7978697538376,482.2412414550781]},{"page":59,"text":"sudo","rect":[118.82395935058594,501.0,139.74542529582977,494.30682373046877]},{"page":59,"text":"systemctl","rect":[144.9757843017578,502.6554870605469,192.0490751981735,494.30682373046877]},{"page":59,"text":"status","rect":[197.27943420410157,501.0,228.66160876750946,494.87469482421877]},{"page":59,"text":"postgresql-15","rect":[233.8919677734375,502.66546630859377,301.8866759061813,494.1972351074219]},{"page":59,"text":"–","rect":[108.11495971679688,510.0,113.84345457553863,509.0]},{"page":59,"text":"Ubuntu","rect":[118.8239974975586,513.0,152.67312229320064,505.4349670410156]},{"page":59,"text":"and","rect":[157.78453063964845,513.0,174.14510715648189,505.4349670410156]},{"page":59,"text":"Raspberry","rect":[179.26669311523438,514.38134765625,225.19825231477186,505.4349670410156]},{"page":59,"text":"Pi","rect":[230.31982421875,512.3489990234375,240.04472179796907,505.5445556640625]},{"page":59,"text":"installations:","rect":[245.16629028320313,513.0,301.6458570518753,505.4349670410156]},{"page":59,"text":"`bash","rect":[309.86297607421877,513.0,330.7844420194626,506.2618408203125]},{"page":59,"text":"sudo","rect":[336.0148010253906,513.0,356.93626697063447,506.2618408203125]},{"page":59,"text":"systemctl","rect":[362.1666259765625,514.6105346679688,409.2398863554001,506.2618408203125]},{"page":59,"text":"restart","rect":[414.47027587890627,513.0,451.0827818632126,506.8297119140625]},{"page":59,"text":"postgresql","rect":[456.31317138671877,514.6204833984375,508.6167784452438,506.2618408203125]},{"page":59,"text":"sudo","rect":[513.84716796875,513.0,534.7685728788376,506.2618408203125]},{"page":59,"text":"systemctl","rect":[118.823974609375,526.5654907226563,165.8972655057907,518.216796875]},{"page":59,"text":"status","rect":[171.12762451171876,525.0,202.5098143339157,518.78466796875]},{"page":59,"text":"postgresql","rect":[207.74017333984376,526.575439453125,260.0437956571579,518.216796875]},{"page":59,"text":"22.2 Generate Client","rect":[71.99996948242188,552.3235473632813,203.12461474609376,543.8472900390625]},{"page":59,"text":"• Generate client keys and","rect":[84.17596435546875,572.6133422851563,204.3137429857254,563.557373046875]},{"page":59,"text":"cd /opt/tak/certs","rect":[72.0,590.7157592773438,160.91612536907196,581.5999755859375]},{"page":59,"text":"s` udo su tak","rect":[72.0,600.518798828125,129.53401477336883,594.3818359375]},{"page":59,"text":"./makeCert.sh dbclient","rect":[72.0,613.241943359375,187.06801135540008,605.5109252929688]},{"page":59,"text":"keys and","rect":[207.60781860351563,554.5711059570313,258.79998779296877,543.8950805664063]},{"page":59,"text":"certifcates:","rect":[207.63128662109376,571.0,256.90630761241916,563.557373046875]},{"page":59,"text":"certifcates","rect":[263.283203125,552.2517700195313,326.46644177246096,543.8233642578125]},{"page":59,"text":"C` lient keys and certifcates named “martiuser” (by default) will be created in the “fles” directory.","rect":[72.0,638.815673828125,500.30205956554416,628.863037109375]},{"page":59,"text":"• T` est SSL connection using the generated client certifcate:","rect":[84.1760025024414,656.3103637695313,349.51836815929416,647.244384765625]},{"page":59,"text":"psql","rect":[72.0,674.4017333984375,92.9214583158493,666.1128540039063]},{"page":59,"text":"\"host=127.0.0.1","rect":[98.15182495117188,672.2996215820313,176.607302737236,665.9534912109375]},{"page":59,"text":"port=5432","rect":[181.83766174316407,674.4017333984375,228.91095263957977,665.9932861328125]},{"page":59,"text":"user=martiuser","rect":[234.1413116455078,672.2498168945313,307.36644275188447,666.1726684570313]},{"page":59,"text":"dbname=cot","rect":[312.5968322753906,672.2498168945313,364.90050036907197,666.1128540039063]},{"page":59,"text":"sslmode=verify-ca","rect":[370.1308898925781,674.4615478515625,459.0471373319626,666.0531005859375]},{"page":59,"text":"sslcert=files/martiuser.pem","rect":[91.92499542236328,686.3577270507813,233.14483935832977,677.241943359375]},{"page":59,"text":"sslkey=files/martiuser.key","rect":[238.37521362304688,686.4175415039063,374.3647642850876,677.241943359375]},{"page":59,"text":"sslrootcert=files/ca.pem\"","rect":[379.59515380859377,686.3577270507813,510.3543272733688,677.241943359375]},{"page":59,"text":"I` f you don’t want to verify the server’s credential:","rect":[72.0,710.0983276367188,288.65667382335666,701.0423583984375]},{"page":59,"text":"58","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":60,"text":"psql","rect":[72.0,84.16468811035156,92.9214583158493,75.87580108642578]},{"page":60,"text":"\"host=127.0.0.1","rect":[98.15182495117188,82.06257629394531,176.607302737236,75.71640014648438]},{"page":60,"text":"port=5432","rect":[181.83766174316407,84.16468811035156,228.91095263957977,75.7562484741211]},{"page":60,"text":"user=martiuser","rect":[234.1413116455078,82.01276397705078,307.36644275188447,75.93557739257813]},{"page":60,"text":"dbname=cot","rect":[312.5968322753906,82.01276397705078,364.90050036907197,75.87580108642578]},{"page":60,"text":"sslmode=require","rect":[370.1308898925781,84.16468811035156,448.5863829374313,75.87580108642578]},{"page":60,"text":"sslcert=files/martiuser.pem sslkey=files/martiuser.key\"","rect":[91.92499542236328,96.17948150634766,379.5951414823532,87.00392150878906]},{"page":60,"text":"The sslmode “verify-ca” means “I want to be sure that I connect to a server that I trust.” The sslmode","rect":[71.64099884033203,119.8603744506836,539.5940154126855,110.80436706542969]},{"page":60,"text":"“require” means “I trust that the network will make sure I always connect to the server I want.”","rect":[70.58499908447266,131.81532287597657,489.9106905899048,122.86891174316406]},{"page":60,"text":"M` ore information on the sslmode can be found here: https://www.postgresql.org/docs/current/libpq-ssl.html","rect":[72.0,150.19662475585938,539.5275674991349,140.24398803710938]},{"page":60,"text":"• `Test database permission from the psql prompt:","rect":[84.17599487304688,167.5718231201172,305.9120143995285,158.6254119873047]},{"page":60,"text":"select","rect":[72.0,183.6317901611328,103.38218982219697,177.4948272705078]},{"page":60,"text":"count(*)","rect":[108.61299133300781,184.38894653320313,150.45592029094696,176.6679229736328]},{"page":60,"text":"from","rect":[155.686279296875,184.0,176.60774524211883,177.43504333496095]},{"page":60,"text":"cot_router;","rect":[181.83810424804688,184.95680236816407,239.37208850383758,178.0]},{"page":60,"text":"NOTE: If you want to use a diferent name for certifcates, you would also need to add a new user to the","rect":[71.44000244140625,209.5243682861328,539.7285288657608,200.46836853027345]},{"page":60,"text":"PostgreSQL database and grant permissions for the user. For example, following these steps to create a","rect":[71.45000457763672,221.47938537597657,539.6469297796652,212.4233856201172]},{"page":60,"text":"certifcate named “takdbuser”","rect":[71.20599365234375,233.43434143066407,198.7671275396347,224.3783416748047]},{"page":60,"text":"./makeCert.sh dbclient","rect":[72.0,250.15196228027345,187.06801135540008,242.4209747314453]},{"page":60,"text":"s` udo su - postgres","rect":[72.0,263.56146240234377,166.14656360149383,255.2028350830078]},{"page":60,"text":"takdbuser","rect":[192.29837036132813,249.3848419189453,239.3716307401657,243.2478790283203]},{"page":60,"text":"C` onnect to Postgres:","rect":[72.0,287.2423095703125,162.67959252452853,278.1763610839844]},{"page":60,"text":"p` sql -d cot","rect":[72.0,305.3347473144531,129.53401477336883,297.0458679199219]},{"page":60,"text":"# List all users/roles:","rect":[72.0,315.9049072265625,192.2983885526657,308.1739501953125]},{"page":60,"text":"\\du","rect":[72.0,327.8609313964844,87.69109637737275,320.1299743652344]},{"page":60,"text":"S` ELECT *","rect":[72.0,340.0,113.84292132854462,332.80224609375]},{"page":60,"text":"# Create","rect":[72.0,351.0536193847656,113.84291369915009,344.7572326660156]},{"page":60,"text":"name of the user must","rect":[91.92499542236328,365.1705017089844,201.76265246868133,356.7620849609375]},{"page":60,"text":"C` REATE USER takdbuser;","rect":[72.0,376.23883056640627,187.06801135540008,368.65728759765627]},{"page":60,"text":"`grant martiuser to","rect":[72.0,389.0904846191406,166.14656360149383,380.7916259765625]},{"page":60,"text":"# Optional: Double","rect":[72.0,400.9767150878906,166.14656360149383,392.5782470703125]},{"page":60,"text":"match","rect":[206.99301147460938,362.95880126953127,233.14483935832977,356.7620849609375]},{"page":60,"text":"the","rect":[238.3751983642578,362.95880126953127,254.066287112236,356.7620849609375]},{"page":60,"text":"CN","rect":[259.2966613769531,363.0086364746094,269.7574034452438,356.7122497558594]},{"page":60,"text":"in","rect":[274.9877624511719,362.95880126953127,285.4485045194626,356.9314270019531]},{"page":60,"text":"the","rect":[290.6788635253906,362.95880126953127,306.3699522733688,356.7620849609375]},{"page":60,"text":"client","rect":[311.600341796875,362.95880126953127,342.98253161907197,356.7620849609375]},{"page":60,"text":"certificate.","rect":[348.2129211425781,365.1705017089844,410.9773131132126,356.7620849609375]},{"page":60,"text":"(\"martiuser\"). The","rect":[432.8952331542969,351.7609558105469,527.0418272733689,344.0399475097656]},{"page":60,"text":"2` 2.3 Confgure TAK Server to use SSL","rect":[72.0,435.0310363769531,309.11944274902347,424.2713317871094]},{"page":60,"text":"• Note that when you created a database client certifcate (./makeCert.sh dbclient), an additional private","rect":[84.1760025024414,453.51068115234377,539.5283468996314,443.55804443359377]},{"page":60,"text":"key fle in PKCS#8 format was created. Use this fle for the param sslkey in CoreConfg.xml instead of","rect":[96.9070053100586,465.0273132324219,539.5967786440581,455.96136474609377]},{"page":60,"text":"using the fles with .key extension.","rect":[96.9070053100586,476.9823303222656,246.88396874523165,467.9163818359375]},{"page":60,"text":"• Update CoreConfg.xml: Update the <connection> tag in <repository> (Remember to use a correct","rect":[84.1760025024414,495.35369873046877,539.8661393719602,485.40106201171877]},{"page":60,"text":"hostname/IP)","rect":[96.9070053100586,507.30865478515627,157.65893047714233,497.35601806640627]},{"page":60,"text":"<` connection","rect":[72.0,522.810791015625,129.53401477336883,516.733642578125]},{"page":60,"text":"url=\"jdbc:postgresql://127.0.0.1:5432/cot\"","rect":[134.76438903808595,525.032470703125,354.4397154569626,515.846923828125]},{"page":60,"text":"username=\"martiuser\"","rect":[359.67010498046877,522.810791015625,464.2774229764938,516.5642700195313]},{"page":60,"text":"sslEnabled=\"true\" sslMode=\"verify-ca\" sslCert=\"certs/files/martiuser.pem\"","rect":[91.92499542236328,536.9775390625,473.7417479276657,527.8019409179688]},{"page":60,"text":"sslKey=\"certs/files/martiuser.key.pk8\"","rect":[91.92499542236328,548.9325561523438,290.6788817167282,539.7569580078125]},{"page":60,"text":"sslRootCert=\"certs/files/ca.pem\"/>","rect":[295.9092712402344,548.8727416992188,473.7417479276657,539.7569580078125]},{"page":60,"text":"I` f you don’t want to verify the server’s credential (not recommended in production):","rect":[72.0,573.0617065429688,439.3808559522629,563.1090698242188]},{"page":60,"text":"`<connection","rect":[72.0,588.5638427734375,129.53401477336883,582.4866943359375]},{"page":60,"text":"url=\"jdbc:postgresql://127.0.0.1:5432/cot\"","rect":[134.76438903808595,590.7855224609375,354.4397154569626,581.5999755859375]},{"page":60,"text":"username=\"martiuser\"","rect":[359.67010498046877,588.5638427734375,464.2774229764938,582.3173217773438]},{"page":60,"text":"sslEnabled=\"true\" sslMode=\"require\" sslCert=\"certs/files/martiuser.pem\"","rect":[91.92499542236328,602.6707153320313,463.28099353313447,593.554931640625]},{"page":60,"text":"sslKey=\"certs/files/martiuser.key.pk8\"","rect":[91.92499542236328,614.6865234375,290.6788817167282,605.5109252929688]},{"page":60,"text":"/>","rect":[295.9092712402344,613.241943359375,306.3700133085251,605.5109252929688]},{"page":60,"text":"• Start/Restart TAK server.","rect":[84.17599487304688,638.815673828125,212.82183495616915,628.863037109375]},{"page":60,"text":"`sudo systemctl restart takserver","rect":[77.22999572753906,656.529541015625,244.60162646770477,648.1808471679688]},{"page":60,"text":"59","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]},{"page":61,"text":"`23 Appendix E: Proper Use of Trusted CAs","rect":[72.0,84.73176574707031,393.1252945737839,71.92060852050781]},{"page":61,"text":"TAK uses Mutual TLS (MTLS) authentication to establish secure communications channels between TAK","rect":[71.64099884033203,106.2636489868164,539.9505218607587,96.3110122680664]},{"page":61,"text":"c` lients and TAK Server. It’s critical that deployments use a CA created by the TAK server scripts, or another","rect":[72.0,117.7713851928711,539.7132820364452,108.60578918457031]},{"page":61,"text":"`private CA, to establish the root of trust. `Failure to follow this guidance could result in exposing","rect":[72.0,129.68655395507813,539.787418351316,120.56080627441406]},{"page":61,"text":"`your deployment to a Man-In-The-Middle (MITM) attack.","rect":[72.0,142.11976623535157,367.77960130405429,132.17709350585938]},{"page":61,"text":"•","rect":[84.1760025024414,156.7152862548828,91.91694251155853,153.84605407714845]},{"page":61,"text":"•","rect":[84.1760025024414,180.62525939941407,91.91694251155853,177.7560272216797]},{"page":61,"text":"•","rect":[84.1760025024414,204.53529357910157,91.91694251155853,201.6660614013672]},{"page":61,"text":"T` o ensure secure communications, it’s critical that truststores deployed to TAK clients only contain","rect":[96.54800415039063,159.6143341064453,539.51330173656,150.44874572753907]},{"page":61,"text":"CAs created by the TAK Server scripts or another private CA.","rect":[96.9070053100586,171.56935119628907,371.25704613780979,162.4037628173828]},{"page":61,"text":"T` here is never a need to add a LetsEncrypt, Digicert or any other public CA certifcate to a truststore","rect":[96.54800415039063,183.53433227539063,539.5481413547377,174.35877990722657]},{"page":61,"text":"on a TAK client or TAK Server.","rect":[96.9070053100586,193.65623474121095,237.72832909679415,186.3137969970703]},{"page":61,"text":"`When using Quick Connect, the LetsEncrypt or DigiCert server certifcate should only be confgured","rect":[96.39900207519531,207.44430541992188,539.5328631601902,198.3783416748047]},{"page":61,"text":"`within your 8446 connector, and never within your <tls> confguration.","rect":[96.54800415039063,219.40036010742188,410.25030175304416,210.3343963623047]},{"page":61,"text":"`Appendix","rect":[71.6209945678711,237.21275329589845,114.75805150910777,228.15675354003907]},{"page":61,"text":"B","rect":[121.93231964111328,235.28997802734376,129.12691054516754,228.4855194091797]},{"page":61,"text":"of","rect":[136.31134033203126,236.0,144.49163767483535,228.26634216308595]},{"page":61,"text":"the","rect":[151.6658935546875,236.0,165.76036673104489,228.3759307861328]},{"page":61,"text":"TAK","rect":[172.93463134765626,235.28997802734376,194.9655218452465,228.15675354003907]},{"page":61,"text":"Server","rect":[202.13980102539063,236.0,229.82069606909989,228.26634216308595]},{"page":61,"text":"Confguration","rect":[237.005126953125,237.33230590820313,297.9558371369506,228.26634216308595]},{"page":61,"text":"Guide","rect":[305.130126953125,236.0,331.7033598951074,228.26634216308595]},{"page":61,"text":"(see","rect":[338.87762451171877,237.77066040039063,355.8478911451074,227.81802368164063]},{"page":61,"text":"Downloadable","rect":[363.0323181152344,236.0,425.22286062752928,228.3759307861328]},{"page":61,"text":"Resources","rect":[432.4072570800781,236.0,476.1235510085437,228.4855194091797]},{"page":61,"text":"section","rect":[483.2978210449219,236.0,513.8037070099975,228.7445526123047]},{"page":61,"text":"here","rect":[520.9779663085938,236.0,539.6147673658105,228.3759307861328]},{"page":61,"text":"h` ttps://tak.gov/products/tak-server) contains steps for creating a root CA to use in your TAK deployment.","rect":[72.0,249.72567749023438,541.4793624522621,239.77304077148438]},{"page":61,"text":"T` he makeRootCa.sh script creates a private key and self-signed certifcate for the CA, and packages up the","rect":[71.64099884033203,261.2433166503906,539.5541027895201,252.06776428222657]},{"page":61,"text":"`CA certifcate within truststores that can be confgured on TAK clients and on TAK Server.","rect":[72.0,273.1983337402344,475.2062038526535,264.0227966308594]},{"page":61,"text":"`Appendix B contains additional steps for creating a client and server certifcates, signed by the root CA. Ap-","rect":[71.6209945678711,291.1313171386719,541.1942746471844,281.9557800292969]},{"page":61,"text":"`pendix C describes TAK Server’s Certifcate Enrollment capability (https://wiki.tak.gov/display/DEV/Certifcate+Enrollment)","rect":[72.0,303.5246887207031,610.7608962894724,293.5720520019531]},{"page":61,"text":"t` hat automates the provisioning of client certifcates.","rect":[72.0,315.04132080078127,312.5615369835159,305.9753723144531]},{"page":61,"text":"Users authenticate to the Certifcate Enrollment","rect":[320.06097412109377,314.0,539.7703130534842,305.9753723144531]},{"page":61,"text":"e` ndpoints with username/password, provide a CSR and receive a signed client certifcate in return.","rect":[72.0,327.4346618652344,503.87862816905979,317.4820251464844]},{"page":61,"text":"`When enrolling using a server certifcate from a self-signed TAK CA, clients must be bootstrapped with","rect":[71.49199676513672,344.9293212890625,539.5366171662475,335.7537841796875]},{"page":61,"text":"`server’s CA certifcate prior to enrollment. To streamline provisioning of clients, TAK provides the Quick","rect":[72.0,356.88433837890627,539.7483606660738,347.70880126953127]},{"page":61,"text":"`Connect feature that performs Certifcate Enrollment using trust provided by LetsEncrypt or DigiCert CAs.","rect":[72.0,368.8393249511719,541.4376362083417,359.6637878417969]},{"page":61,"text":"TAK clients have embedded the LetsEncrypt and DigiCert CAs and will use these CAs when validating","rect":[71.64099884033203,380.7943115234375,539.5637138656368,371.6187744140625]},{"page":61,"text":"c` onnections to the enrollment port. In this confguration, the TAK client will be able to leverage the embedded","rect":[72.0,392.74932861328127,539.5082577212189,383.57379150390627]},{"page":61,"text":"L` etsEncrypt CA certifcate, along with TLS hostname verifcation, to ensure the integrity of the connection.","rect":[72.0,404.7053527832031,541.3567778133693,395.5298156738281]},{"page":61,"text":"To confgure Quick Connect, the TAK server admin adds the keystore, keystoreFile, and keystorePass","rect":[71.64099884033203,422.6373291015625,539.5433813308093,413.4617919921875]},{"page":61,"text":"a` ttributes on the 8446 connector to use the trusted server cert for enrollment, as shown below.","rect":[72.0,433.0,484.76046410655979,425.5273742675781]},{"page":61,"text":"<connector","rect":[113.84300231933594,451.0,166.1466551542282,444.94378662109377]},{"page":61,"text":"port=\"8446\"","rect":[171.37701416015626,452.6847229003906,228.91102893352508,444.27630615234377]},{"page":61,"text":"clientAuth=\"false\"","rect":[234.14138793945313,450.5328063964844,328.2879820585251,444.27630615234377]},{"page":61,"text":"_name=\"cert_https\"","rect":[333.51837158203127,452.6847229003906,427.6649657011032,444.2862548828125]},{"page":61,"text":"keystoreFile=\"certs/files/letsencrypt-server-cert.jks\"","rect":[133.7679901123047,464.70050048828127,416.20775134563447,455.52496337890627]},{"page":61,"text":"keystorePass=\"example-pass\"/>","rect":[133.7679901123047,476.6554870605469,285.44859607219697,467.4799499511719]},{"page":61,"text":"keystore=\"JKS\"","rect":[432.8953552246094,452.7445068359375,506.12047107219697,444.2862548828125]},{"page":61,"text":"`When using Quick Connect, you never have to do any confguration with LetsEncrypt or DigiCert CA itself.","rect":[71.49199676513672,500.3463134765625,541.473097634123,491.1707763671875]},{"page":61,"text":"That is handled by embedding the CAs within the clients. The only reference to any key material from","rect":[71.64099884033203,512.3013305664063,539.5435577005416,503.1257629394531]},{"page":61,"text":"`LetsEncrypt or DigiCert within your environment will be the server certifcate contained in keystoreFile","rect":[72.0,524.25634765625,539.4553435376855,515.1903686523438]},{"page":61,"text":"t` hat’s referenced by your 8446 connector.","rect":[72.0,536.202392578125,252.14371911144259,527.1464233398438]},{"page":61,"text":"60","rect":[301.01898193359377,750.0972290039063,310.9815745353699,743.2529296875]}]}