To run RCE on a system, the only prerequisite is an installed Java Runtime Environment (JRE), version 11 or above. If you do not already have one on your machine, you can download it from e.g.

https://adoptium.net/temurin/releases

and install it. Starting with RCE 8.x we only publish 64 bit packages of RCE. Therefore, please make sure to install the 64 bit version of the JRE.

Any software can be tampered with by a malicious attacker. For RCE, the consequences of such tampering may be worse than with other software, since its intended behavior already includes executing arbitrary processes, opening outgoing network connections, and listening for incoming ones. One common safeguard against such tampering is software signing. If the developers sign a software artifact, e.g., a zip-archive or an executable file, the user can verify the signature. This verification confirms that the artifact downloaded onto their machine is identical to the artifact prepared by the software developers and has not been tampered with.

In order to sign a software artifact, the developers combine the artifact and a so-called signing key to form a signature file. The user can then verify the signature using the artifact, the signature file, and a part of the signing key that can only be used for verification, but not for signing. A technical introduction to the minutiae of software signing is out of the scope of this user guide and we refer to the literature for more information on this topic.

While verifying the downloaded artifact is optional, we strongly recommend doing so.

In order to verify the signature of a software, you require

You can find the former two items at https://rcenvironment.de under the menu item Download. The signature file is called SHA256SUM.asc and is available in the same directory as the artifacts. The latter item, i.e., the signing key, is not available via https://rcenvironment.de or linked to in this user guide on purpose: Recall that the purpose of software signing is to protect against compromised communication channels between developers and users. Thus, if the artifact, the signatures, and the signing key were available at the same location, an attacker that takes control over that location could easily forge all three components.

One common way to distribute such keyfiles is via so-called public keyservers. We had previously published the signing key for RCE at the SKS-keyservers, which are no longer available. Nevertheless, we have published the keyfile via https://github.com in the repository called rce-signing owned by the organization rcenvironment. For now, this is the key supplier to use until we determine a new public key server. Please verify the integrity of the obtained keyfile by checking its fingerprint against the one published by us via a trusted channel. We omit giving direct links as well as the key's fingerprint here on purpose. This slightly decreases the chance of attackers directing you toward a forged key.

The precise steps required for signature verification differ from system to system. Commonly, key retrieval and verification is handled by gpg4win (available at https://www.gpg4win.org). Please refer to its documentation in order to verify your downloaded software artifact.

On Windows, we provide a single .zip-file to set up both client and server installations. This file is available at

https://download.rcenvironment.de/rce/10.x/products/standard/releases/latest/zip/

Installing RCE amounts to simply extracting the zip file to a location on your file system.

To use RCE with a graphical user interface (GUI), simply start the "rce" executable from Windows Explorer. Optionally, create a desktop icon from the right-click menu using the "send to > desktop" option.

Once your RCE instance has started, you can open the configuration file with the menu option "Configuration > Open Configuration File". Edit the file, save it, and then restart RCE using the "File > Restart" menu option to apply the changes. There are configuration templates and other information available via the "Configuration > Open Configuration Information" option. The available configuration settings are described in the configuration chapter.

RCE can also be run from the command line without a graphical user interface (which is called "headless" mode), which uses less system resources and is therefore recommended when the GUI is not needed.

To run a headless RCE instance, open a command prompt and run the command

rce --headless -console

While RCE is running, you can enter various console commands described in Section 3.1, “Command Line Parameters”; note that you need to prefix all RCE commands with "rce" here. To perform a clean shutdown, for example, type rce stop and press enter.

Please refer to the section "RCE as a Windows Service" in the "RCE Administration and Security Guide" to install RCE as a service.