Render Client - Ports to open and installation
Prerequisites for communication
The operation of the censhare Renderer is only possible if the following conditions are met:
Do not block any ports between censhare Server and the Renderer.
Implemented in Renderer 4.0.2: The RMI configuration can be defined in the general setup of the Render Client. It is also possible to define a preconfigured setup for all Render Client in the "javarender-preferences.xml" file on the server.
There has to be a clean configuration: the hostname of the renderer must be identical to the DNS name. This allows the censhare Server to find the renderer.
The connection establishment
When the censhare Renderer has successfully connected to the censhare Server the Server tries to set up a connection to the Renderer. This part of the communication fails unless both conditions are met.
If no port configurations have been programmed, the render uses any high port to connect to the server and waits for a reverse connection at this unpredictable port.
The "timeout" error message from Renderer when connecting to the InDesign instance points to a problem with the ports for reverse communication from the censhare Server to the Renderer. Another error message which points in this direction is the following message in the server-0.0.log.
"com.censhare.server.rmi.RMIServerException[java.rmi.ConnectException]: Connection refused to host"
The censhare Server uses any source port for the reverse communication to the defined Renderer Port (for example, 30546). This behavior is defined by the TCP standard. Therefore, no source ports from the censhare Server to the Renderer must be blocked. For this reason, it is also not allowed to restrict the Render Client on the Renderer machine to one remote port ( = source port on the censhare Server) using a local firewall. Here all ports must be open.
For more information, see this http://en.wikipedia.org/wiki/Transmission_Control_Protocol#TCP_ports.
Configuration
Configure the local port configuration on the censhare Rendererer, for example with port 30546, as follows:
"File/Preferences/General" menu
Do not select the "Detect layout processes automatically (No SOAP communication possible)" field.
Change the "Type" field in the "RMI configuration" section to "Port Range".
Click on the "+"-button for defining the Layout application. Select the InDesign Server version and local" or "SOAP with port" for the protocol field ". (Adapt the "start.bat" for the InDesign Server according to the preceding configuration and start the InDesign Server using this. The SOAP port for the InDesign Server has to be clear in the incoming direction at the local firewall, too.)
In the "Renderer port range" field from 30546 to 30546.
Enter the port also in the "hosts.xml" of the Renderer: url="rmis://censhareServerName:30546/corpus.RMIServerSSL"
At the firewall set the local port to "30546" and the remote port to "all" for the incoming rule for the censhare Renderer application.
The communication on the Renderer is now using port 30546.
Port configuration in the Render Client, here using port 30546
Test the correct firewall configuration creating a connection on the censhare Server with the Renderer using a terminal: telnet 30546 .
If you cannot establish a connection the firewall configuration still has to be improved. Please, check the settings again.
Example configurations
All high ports
<connection merge-policy="initial"
type="standard"
client-map-host-from=""
client-map-host-to=""
client-map-port-from="0"
client-map-port-to="0"
client-map-port-to="30543"
server-port-range-to="30546"
server-bind-addr=""
send-buffer-size="0"
receive-buffer-size="0"
socket-connect-timeout="15000"
socket-read-timeout="130000"
socket-accept-timeout="0"/>
Limited to Port 30543
<connection
type="port-range"
client-map-host-from=""
client-map-host-to=""
client-map-port-from="0"
client-map-port-to="0"
server-port-range-from="30543"
server-port-range-to="30543"
server-bind-addr=""
send-buffer-size="0"
receive-buffer-size="0"
socket-connect-timeout="15000"
socket-read-timeout="130000"
socket-accept-timeout="0"/>