Agent installation and deployment
Overview
This guide provides comprehensive instructions for installing and uninstalling the Redtrust agent in Windows environments. It includes steps for standard installations, silent installations (automated setups with minimal user interaction), and server installations (for enterprise environments). This guide is intended for system administrators or anyone responsible for deploying and configuring Redtrust.
By the end of this guide, you will have installed the Redtrust agent and be able to set up the platform.
Background
These are the details of the three types of installation:
| Type | Description |
|---|---|
| Standard installation | Installs the agent with a guided setup. |
| Server installation | Designed for unattended environments where Windows server-based applications need centralized certificates without user interactions. Key features include: |
| Silent installation | Runs the installation in the background without accessing the wizard or requiring user input. |
Before you start
Ensure you have the installation package, including an installer (MSI) file and a batch file (bat).
To view system requirements, select an installation type.
System requirements
- Standard installation
- Silent installation
- Server installation
- Microsoft Windows 8.1, 10, or 11 (32/64-bit).
- .NET Framework 4.8 enabled.
- Administrator privileges (required only during installation).
32-bit Machine:
- Visual C++ Redistributable for Visual Studio 2015-2022 x86 (VC_redist.x86.exe) (
NO_REDISToption to skip). - SQL Server Compact 4.0 x86 (SSCERuntime_x86-ENU.exe) (
NO_SQLCOMPACToption to skip). - Microsoft .NET Runtime 6.0.20 (x86) (dotnet-runtime-6.0.20-win-x86.msi).
64-bit Machine:
- Visual C++ Redistributable for Visual Studio 2015-2022 x64 (VC_redist.x64.exe) (
NO_REDISToption to skip). - SQL Server Compact 4.0 x64 (SSCERuntime_x64-ENU.exe) (
NO_SQLCOMPACToption to skip). - Microsoft .NET Runtime 6.0.20 (x64) (dotnet-runtime-6.0.20-win-x64.msi).
- Microsoft Windows Server 2022, 2019, 2016, or 2012.
- .NET Framework 4.8 or later.
- Administrator privileges.
Installation
For information about supported parameters, see the installation parameters page. Running the installer without parameters installs the agent with default configurations.
Step 1: Install the agent
- Standard installation
- Silent installation
- Server installation
The Redtrust agent is provided as an MSI package, accepting multiple parameters listed in the parameters page. Two versions are available: one for 32-bit and one for 64-bit systems.
An example of agent installation can be the following:
On-premise option
msiexec /i rt-agent-x64-1.82.1-1949-MS.msi
RTPRIMARY="RTServerPrimary" RTSECONDARY="RTServerSecondary"
CLIENTID="gps90IsdWqH7jVP7kiOukBrtpqwvYsvc=" LANGUAGE="es-ES"
AuthMode=ActiveDirectory
Cloud option
msiexec /i rt-agent-x64-1.82.1-1949-MS.msi LANGUAGE="en-EN" DEFAULTDOMAIN=”redtrust”
The installation process is guided through a wizard where you can specify the directory where the product will be stored. The process will take only a few seconds.
Use the msiexec command for silent installation. For a completely silent setup, run:
msiexec /i rt-agent-x64-1.82.1-1949-MS.msi
RTPRIMARY="RTServerPrimary" RTSECONDARY="RTServerSecondary"
CLIENTID="gps90IsdWqH7jVP7kiOukBrtpqwvYsvc=" LANGUAGE="es-ES"
AuthMode=ActiveDirectory /qn
If silent installation fails due to prerequisites, install vc_redist and SSCERuntime_x-ENU separately, then rerun the installer with the NO_REDIST and NO_SQLCOMPACT options.
For unattended environments, set the AGENTMODE parameter to SERVER.
Once installed in the Redtrust installation folder (by default c:\Program Files\Redtrust) use the rtsetup.exe tool to configure Redtrust.
> rtsetup
This command returns:
Tool to configure the Redtrust Server Agent.
Usage:
rtsetup.exe -authMode=[LocalUsers|Ldap] -username=[username] -password=[password]
or
rtsetup.exe -authMode=ActivationCode -code=[activation code]
Optional parameters:
-primaryServer=[IP or hostname]
-secondaryServer=[IP or hostname]
-servicePort=[Port] (default value: 443)
Note: Both need to be set at once. Port is only updated when servers are set.
Use this tool in order to:
Set RedTrust credentials for agent (local users or activation code).
Set Redtrust server addresses.
After tool execution, service RTService needs to be restarted in order to refresh configuration.
Step 2: Configure the browser
After installing the agent, configure browsers to enable Redtrust certificate management. Repeat this for every browser and device that requires certificates.
Edge
- Click the puzzle icon.
- In the Redtrust extension, click the settings menu
⋯> Manage extension. - Select Allow in InPrivate.
Chrome
- Click the Chrome menu
⋮> Extensions > Manage extensions to see all your available extensions. - In the Redtrust extension, click Details.
- Enable Allow on incognito.
Firefox
- Click the puzzle icon > Extensions.
- In your computer, go to the Redtrust directory (typically under This PC > OS (C:) > Program Files > RedTrust) and find the
redtrust_firefox_monitor_<version_number>.xpifile. - Drag the file to the browser window you opened in step 1.
- In the dialog box, select Run in Private Windows and click Add.
- Confirm by clicking Ok.
Step 3: Verify the installation
Test the installation by uploading and using a certificate. Follow this tutorial.
Troubleshooting
To monitor the operation of the agent in server mode and detect any configuration issues, the agent generates a series of events in the Windows event log.
These events are categorized as application events named Redtrust and include:
| Event | Level | Description |
|---|---|---|
| Login success | Info | Login established with the server |
| Login failed | Info | Login attempt failed. It's retried automatically. |
| Wrong configuration/InvalidLogin | Error | The configuration type isn't compatible with the server mode. The supported modes are LocalUsers, LDAP, and ActivationCode. |
| Invalid credentials | Error | Redtrust user credentials aren't configured or incorrect. Use rtsetup to correct them. |
| Connection problems with servers | Error | An error occurred while connecting to the server. Check the HTTPS connectivity to the configured port (by default 443). |
| Server Manager Agent System Exception | Error | An internal error has occurred. Contact Redtrust support service indicating the content of this event. |
| Login Failed: Unexpected error | Error | An unexpected error has ocurred while authenticating. Contact Redtrust support service indicating the content of this event. |
| Login Failed: You must change password | Error | Attempt to login with a user who must change the password. Make the change from a non-server agent. |
Uninstallation
You can unistall Redtrust in two ways:
Interactive uninstallation
Use the standard Windows Programs and Features interface to remove Redtrust.
Unattended uninstallation
For unassisted uninstallation, use the msiexec command:
msiexec /x {5F567E45-9801-4122-9213-1731DBC44E11} /q
To retrieve the installed agent's Globally Unique Identifier (GUID)—for example, {5F567E45-9801-4122-9213-1731DBC44E11}— run the following PowerShell command:
> Get-WmiObject -class Win32_Product | ? {$_.Name -eq "redtrust"}
This command will output details such as:
IdentifyingNumber : {5F567E45-9801-4122-9213-1731DBC44E11}
Name : RedTrust
Vendor : Evolium Technologies
Version : 4.10.5
Caption : RedTrust
IdentifyingNumber is the agent GUID to be supplied to msiexec.
Otherwise, you can find the GUID in the Windows registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\.
Search for the entry associated with Redtrust to locate the GUID.