To run RCE on a system, the only prerequisite is an installed Java Runtime Environment
(JRE), version 11 or above. If you do not already have one on your machine, you can download it from
and
install it. Starting with RCE 8.x we only publish 64 bit packages of RCE. Therefore,
please make sure to install the 64 bit version of the JRE.https://www.java.com/de/download/
Some pre-installed components of RCE have additional dependencies. Please refer to Section 2.3 (Workflow Components) for more details.
Any software can be tampered with by a malicious attacker. For RCE, the consequences of such tampering may be worse than with other software, since its intended behavior already includes executing arbitrary processes, opening outgoing network connections, and listening for incoming ones. One common safeguard against such tampering is software signing. If the developers sign a software artifact, e.g., a zip-archive or an executable file, the user can verify the signature. This verification confirms that the artifact downloaded onto their machine is identical to the artifact prepared by the software developers and has not been tampered with.
In order to sign a software artifact, the developers combine the artifact and a so-called signing key to form a signature file. The user can then verify the signature using the artifact, the signature file, and a part of the signing key that can only be used for verification, but not for signing. A technical introduction to the minutiae of software signing is out of the scope of this user guide and we refer to the literature for more information on this topic.
While verifying the downloaded artifact is optional, we strongly recommend doing so.
In order to verify the signature of a software, you require
the artifact that you want to verify (in this case a .zip-file)
a signature file provided by the signer (in this case provided by us)
the verification part of the signing key.
You can find the former two items at https://rcenvironment.de under the menu
item Download. The signature file is called SHA256SUM.asc
and is available in the same directory as the artifacts.
The latter item, i.e., the signing key, is not available via https://rcenvironment.de or linked to in this
user guide on purpose: Recall that the purpose of software signing is to protect against
compromised communication channels between developers and users. Thus, if the artifact,
the signatures, and the signing key were available at the same location, an attacker
that takes control over that location could easily forge all three components.
One common way to distribute such keyfiles is via so-called public keyservers. We had
previously published the signing key for RCE at the SKS-keyservers, which are no longer
available. Nevertheless, we have published the keyfile via
https://github.com in the repository called
rce-signing owned by the organization rcenvironment.
For now, this is the key supplier to use until we determine a new public key server.
Please verify the integrity of the obtained keyfile by checking its fingerprint against
the one published by us via a trusted channel. We omit
giving direct links as well as the key's fingerprint here on purpose. This slightly
decreases the chance of attackers directing you toward a forged key.
The precise steps required for signature verification differ from system to system. Commonly, key retrieval and verification is handled by gpg4win (available at https://www.gpg4win.org). Please refer to its documentation in order to verify your downloaded software artifact.
On Windows, we provide a single .zip-file to set up both client and server installations. This file is available at
https://software.dlr.de/updates/rce/10.x/products/standard/releases/latest/zip/Installing RCE amounts to simply extracting the zip file to a location on your file system.
Due to restrictions of the standard Windows file system (NTFS), you should choose a destination path that is as short as possible. Long paths are known to cause problems, as some RCE files may not be properly extracted from the zip file.
To use RCE with a graphical user interface (GUI), simply start the "rce" executable from Windows Explorer. Optionally, create a desktop icon from the right-click menu using the "send to > desktop" option.
Once your RCE instance has started, you can open the configuration file with the menu option "Configuration > Open Configuration File". Edit the file, save it, and then restart RCE using the "File > Restart" menu option to apply the changes. There are configuration templates and other information available via the "Configuration > Open Configuration Information" option. The available configuration settings are described in the configuration chapter.
RCE can also be run from the command line without a graphical user interface (which is called "headless" mode), which uses less system resources and is therefore recommended when the GUI is not needed.
To run a headless RCE instance, open a command prompt and run the command
rce --headless -console
While RCE is running, you can
enter various console commands described in Section 3.1, “Command Line Parameters”; note that
you need to prefix all RCE commands with "rce" here. To perform a clean shutdown, for
example, type rce stop and press enter.