Installation

Solidshield is designed as a client-server architecture.

The protection server, where the core technology relies, is a Linux container shipped as a single statically-linked binary or as a Docker image. Protections requests are issued using either the WEB-based user interface or via the command-line tool.

Solidshield protection server provides:

• Solidstudio: a WEB-based user interface to setup and perform protections.

• sldcmd: Windows/Linux command-line protection tool, useful to automate the protection of new builds in the compilation chain, or to perform batch protections of multiple binaries.

Running the Protection Server

Solidshield Protection Server is offered in two main flavors:

• a Docker image,
• a Standalone statically-linked binary, requiring a Linux kernel version greater or equal to 3.8.

Docker image

To import the docker image you received it is sufficient to enter in a terminal:

docker load --input solidshield_<version>_docker.tar.gz

Starting the protection server is as easy as typing:

docker run --rm -p9090:9090 solidshield:<version>

At this point the WEB user interface will be accessible with a WEB browser at the URL https://localhost:9090/ while a copy of this documentation can be browsed at https://localhost:9090/#/docs/

Custom SSL certificate

In order to specify a SSL certificate, it is possible to specify a mount pointing to a directory that contains two PEM files named cert.key and cert.crt as follows:

docker run --rm -v $(pwd)/certs:/app/certs -p9090:9090 solidshield:<version>

Standalone

Running the standalone version can be as easy as:

./solidshield_<version> -insecure

At this point the WEB user interface will be accessible with a WEB browser at the URL https://localhost:9090/, while a copy of this documentation can be browsed at https://localhost:9090/#/docs/.

Kernel version 3.8+ is required

In order to run the standalone server, the minimal supported kernel version is 3.8

The list of supported arguments is:

-cert string
    Path to HTTPS SSL .crt file to use for WEB server
-key string
    Path to HTTPS SSL .key file to use for WEB server
-config string [Optional]
    The JSON config file
-insecure [Required if no cert and key are supplied]
    Generate random SSL certificate for WEB server (insecure)
-port int
    The HTTPS port of Solidshield server (default 9090)
-version
    Display version information

Custom SSL certificate

It is possible to store the server configuration in a JSON file, which may look like the following:

{
  "ssl_cert_file": "certs/cert.crt",
  "ssl_key_file": "certs/cert.key",
  "port": 9090
}

To use the supplied config.json file, the server should be executed with:

./solidshield_<version> -c config.json

Next steps

If everything is set and running, once logged in, you can:

• Head to the Getting started guide, to learn they key principles on how to bootstrap a protection project.
• Check Solidshield Examples guide, to test some command-line based protection,
• Download and install Solidstudio protection client,
• Master Solidshield Management Panel for managing multiple teams and users and to install update packages.
• Install new updates to keep your installation up-to-date

---

Last update: 2021-08-10