Monofor Virtual Appliance
Monofor has providing virtual machine which is ready for Monofor Products. If you don’t want lose any time to preparing of the linux server you can download and import your VMware Infrastructure.
Please follow this guide to install Monofor Virtual Appliance.
Monofor products can be installed in different kinds of server environments.
Supported Operating Systems are listed In the table below;
Ubuntu 22.04 LTS
Red Hat Enterprise Linux 7.x
Red Hat Enterprise Linux 8.x
Red Hat Enterprise Linux 9.x
Centos Stream 8.x
Centos Stream 9.x
Oracle Linux 7.x
Oracle Linux 8.x
Oracle Linux 9.x
*Red Hat Enterprise Linux 7.x EOL June 30, 2026
**Centos 7.x EOL June 30, 2024
***Oracle Linux 7.x June 1, 2026
Windows OS is not supported by Monosign because Windows OS is not supporting the Linux container architecture.
CPU, disk and memory requirements are listed for the supported operating system In the table below;
For the Single Server deployment, 1 server is enough for installation.
Monofor server needs some software packages to work correctly. In the Monofor Server environment, required software packages and docker engine services must be installed or can be installed during the installation on the Linux server.
Operating System Packages
apt-get install -y build-essential traceroute ethtool dnsutils \ open-vm-tools net-tools tcpdump apt-transport-https ca-certificates \ curl software-properties-common unzip gnupg jq bash-completion netcat
YUM Package Manager
yum install -y yum-utils traceroute ethtool open-vm-tools net-tools bind-utils \ epel-release net-tools tcpdump ca-certificates curl unzip gnupg2 jq bash-completion netcat
DNF Package Manager
dnf install -y yum-utils traceroute ethtool open-vm-tools net-tools bind-utils \ epel-release net-tools tcpdump ca-certificates curl unzip gnupg2 jq bash-completion netcat
curl https://raw.githubusercontent.com/docker/docker-ce/master/components/cli/contrib/completion/bash/docker -o /etc/bash_completion.d/docker.sh
Monofor Server required docker engine services listed in the below.
Docker engine packages can be install from official docker repositories. Please check this page to install correct version for your Linux Server distros.
Docker engine packages list:
Monofor PoC environment doesn’t require external databases. Monosign PoC installer has local database container and it will install during the PoC installation.
Operating System Firewall
Operating System firewall must be disabled.
systemctl disable firewall
system stop firewall
systemctl disable ufw
systemctl stop ufw
Monosign application and services need domain names on the internal and external DNS system. In the table below, required domain names defined. These are the default values of the DNS names. However, if needed they can change to any values.
Internal and External*
If the Monosign Authenticator Push Service wants to be used via the internet, the Account application must be published on the internet. For this access, monosign-account.domain.com domain name must be configured on the external DNS system, and firewall ports must be opened. For firewall requirements, you can check this page.
Account, API and Management hostname must be defined for all installations.
Monosync DNS record required if Monosync is in PoC Scope.
Monopam and related DNS record required if Monopam is in PoC Scope
Timezone and the NTP configuration
Linux server timezone and the NTP configuration must be done on the Linux server.
It can be check with the below link
SSL Certificate Requirements
Monosign has multiple web services, and every service has different functionality. Monosign uses secure communications, internal services and external integrations. Due to this, Monosign services need a wildcard SSL certificate to work properly.
SSL Certificate options
- Public certificate must be signed by one of Global Certificate Authorities - Public certificate format must be base64 encoded CRT format - Public certificate contains full chain certificate like root CA, and intermediate CA. - Private key should not be exported password protected - Private key format must be RSA format
During PoC/Demo installation, a self-signed certificate is generated by the installer.
For Monosign images, updates license check and configuration
Docker required package installation
Operating System repositories
OS upgrades and some necessary packages
Active Directory Servers
Integration for Active Directory Services
TCP/25 or TCP/587
Any Radius Clients
Users SSO operations, and management access.
DB Specific Port
Monopam Gateway Server
TCP/22 and TCP/3389
*Monopam Gateway Access to other servers
Monopam Gateway Server
Monopam Gateway Server
*Monopam to Monopam Gateway Server Communication
*If this module wants to test, this firewall requirements are needed.
User Source Requirements
In the document below, the user source type requirements are described.
Active Directory Requirements
Monosign supports Unified Directory architecture. It means you can use an external or an internal user directory. Monosign natively supports Microsoft Active Directory/LDAP servers. Active directory integration can be performed with the following user permissions.
A service user must be created in the active directory.
Example service user name “monosign_svc“
Standard Active Directory User Permission
Password Reset/Unlock Account
If SSP(Self-Service Portal) is not needed, the service user doesn’t require any special permissions. Default AD user permissions are enough.
Monopam Gateway Requirements
Monopam is in the PoC scope Monopam Gateway server must be prepared. If Monopam is not in the scope, you can skip this step.
Monopam Gateway Service can be installed only on Microsoft Windows Servers.
In the table below supported Operating Systems are listed.
Monopam Gateway Service is using RDS in Windows system. Because of that Windows Server must be joined to the Active Directory Domain.
Monopam Remote Service
Windows Server 2019
Windows Server 2022
The table below lists CPU, disk, and memory requirements for the supported operating system.
Ipv6 must be disabled on the Windows Server.