Install the ExtraHop session key forwarder on a Windows server 8
5. After the software is removed, click Yes to restart the system
Installation parameters
The session key forwarder software is provided as an MSI package. A complete installation of the forwarder
requires specifying the EDA_HOSTNAME parameter. Three additional parameters, EDA_CERTIFICATEPATH,
SERVERNAMEOVERRIDE, or TCPLISTENPORT might be required and are described in the tables below.
MSI Installation Parameter EDA_HOSTNAME
Registry Entry HKEY_LOCAL_MACHINE\SOFTWARE\ExtraHop
\EDAHost
Description The sensor hostname or IP address where SSL
session keys will be sent.
This parameter is required.
MSI Installation Parameter EDA_CERTIFICATEPATH
Registry Entry N/A
Description
The monitored server must trust the issuer of
the sensor SSL certificate through the server’s
certificate store.
In some environments, the sensor works with the
self-signed certificate that the ExtraHop firmware
generates upon installation. In this case, the
certificate must be added to the certificate store.
The EDA_CERTIFICATEPATH parameter enables a
file-based PEM-encoded certificate to be imported
into the Windows certificate store at installation.
If the parameter is not specified at installation
and a self-signed or other CA certificate must
be placed into the certificate store manually,
the administrator must import the certificate to
Certificates (Computer Account) > Trusted Root
Certification Authorities on the monitored system.
This parameter is optional if the monitored
server was previously configured to trust the SSL
certificate of the sensor through the Windows
certificate store.
MSI Installation Parameter SERVERNAMEOVERRIDE
Registry Entry HKEY_LOCAL_MACHINE\SOFTWARE\ExtraHop
\ServerNameOverride
Description
If there is a mismatch between the sensor hostname
that the forwarder knows (EDA_HOSTNAME) and
the common name (CN) that is presented in the SSL
certificate of the sensor, then the forwarder must
be configured with the correct CN.
This parameter is optional.