Switch to Manual Download and Installation for TheHive#

This topic provides step-by-step instructions for switching from APT and YUM repositories to a manual process for installing and upgrading TheHive, following the APT and YUM repositories deprecation notice.

For instructions on performing the same process for Cortex, see Switch to Manual Download and Installation for Cortex.

Are you concerned?

Use this procedure if you currently install or update TheHive On-Prem on Linux distributions using apt-get install, apt-get upgrade, yum install, or yum update.

You aren't affected if you use the TheHive Cloud Platform or run TheHive through Docker deployments.

If you are a new user, follow the instructions in the step-by-step installation guide.

Prerequisites

Before starting this procedure, check that you have installed the following tools:

Wget or cURL to download package files
GPG to verify the package’s GPG signature
sha256sum to check the SHA256 checksum of the downloaded package

Procedure

DEBRPM

Download the package along with its SHA256 checksum and signature files.

Destination path

Replace /path/to/ with the full local directory path where you want to save the downloaded files.

Using Wget:

wget -O /path/to/<file_name>.deb https://thehive.download.strangebee.com/<major.minor_version>/deb/<file_name>.deb
wget -O /path/to/<file_name>.deb.sha256 https://thehive.download.strangebee.com/<major.minor_version>/sha256/<file_name>.deb.sha256
wget -O /path/to/<file_name>.deb.asc https://thehive.download.strangebee.com/<major.minor_version>/asc/<file_name>.deb.asc

Example:

wget -O /tmp/thehive_5.5.5-1_all.deb https://thehive.download.strangebee.com/5.5/deb/thehive_5.5.5-1_all.deb
wget -O /tmp/thehive_5.5.5-1_all.deb.sha256 https://thehive.download.strangebee.com/5.5/sha256/thehive_5.5.5-1_all.sha256
wget -O /tmp/thehive_5.5.5-1_all.deb.asc https://thehive.download.strangebee.com/5.5/asc/thehive_5.5.5-1_all.deb.asc

Using cURL:

curl -o /path/to/<file_name>.deb https://thehive.download.strangebee.com/<major.minor_version>/deb/<file_name>.deb
curl -o /path/to/<file_name>.deb.sha256 https://thehive.download.strangebee.com/<major.minor_version>/sha256/<file_name>.deb.sha256
curl -o /path/to/<file_name>.deb.asc https://thehive.download.strangebee.com/<major.minor_version>/asc/<file_name>.deb.asc

Example:

curl -o /tmp/thehive_5.5.5-1_all.deb https://thehive.download.strangebee.com/5.5/deb/thehive_5.5.5-1_all.deb
curl -o /tmp/thehive_5.5.5-1_all.deb.sha256 https://thehive.download.strangebee.com/5.5/sha256/thehive_5.5.5-1_all.deb.sha256
curl -o /tmp/thehive_5.5.5-1_all.deb.asc https://thehive.download.strangebee.com/5.5/asc/thehive_5.5.5-1_all.deb.asc

Verify the integrity of the downloaded package.
- Check the SHA256 checksum by comparing it with the provided value.
  
  a. Generate the SHA256 checksum of your downloaded package.
```
sha256sum /path/to/<file_name>.deb
```
  b. Compare the output hash with the official SHA256 value listed in the .sha256 file.
  
  c. If both hashes match exactly, the file integrity is verified. If not, the file may be corrupted or tampered with—don't proceed with installation, and contact the StrangeBee Security Team.
- Verify the GPG signature using the public key.
  
  a. Download the public key at keys.download.strangebee.com using Wget or cURL.
```
wget -O /path/to/strangebee.gpg https://keys.download.strangebee.com/latest/gpg/strangebee.gpg
```
```
curl -o /path/to/strangebee.gpg https://keys.download.strangebee.com/latest/gpg/strangebee.gpg
```
  b. Import the key into your GPG keyring.
```
gpg --import /path/to/strangebee.gpg
```
  c. Verify the downloaded package signature.
```
gpg --verify /path/to/<file_name>.deb.asc /path/to/<file_name>.deb
```
  d. You should see a message stating indicating that the signature is valid and the package is authentic. If you see warnings or errors, don't install the package as its integrity or authenticity can't be confirmed. Report the issue to the StrangeBee Security Team.
Install the package.
- Using apt-get to manage dependencies automatically:
```
sudo apt-get install /path/to/<file_name>.deb
```
- Using dpkg:
```
sudo dpkg -i /path/to/<file_name>.deb
```
  Missing dependencies
  
  While using dpkg, you might encounter warnings about missing dependencies during installation. To resolve this, run the commands described in the Dependencies section of the installation guide.
When switching from the previous repository-based installation, remove the old repository to avoid stale configurations.

Why you should remove the old repository

Keeping the old repository configuration can cause your system to download outdated or conflicting packages during updates, potentially breaking your installation or causing unexpected behavior.
```
sudo rm /etc/apt/sources.list.d/strangebee.list
sudo apt-get update
```

Download the package along with its SHA256 checksum and signature files.

Destination path

Replace /path/to/ with the full local directory path where you want to save the downloaded files.

Using Wget:

wget -O /path/to/<file_name>.rpm https://thehive.download.strangebee.com/<major.minor_version>/rpm/<file_name>.rpm
wget -O /path/to/<file_name>.rpm.sha256 https://thehive.download.strangebee.com/<major.minor_version>/sha256/<file_name>.rpm.sha256
wget -O /path/to/<file_name>.rpm.asc https://thehive.download.strangebee.com/<major.minor_version>/asc/<file_name>.rpm.asc

Example:

wget -O /tmp/thehive-5.5.5-1.noarch.rpm https://thehive.download.strangebee.com/5.5/rpm/thehive-5.5.5-1.noarch.rpm
wget -O /tmp/thehive-5.5.5-1.noarch.rpm.sha256 https://thehive.download.strangebee.com/5.5/sha256/thehive-5.5.5-1.noarch.rpm.sha256
wget -O /tmp/thehive-5.5.5-1.noarch.rpm.asc https://thehive.download.strangebee.com/5.5/asc/thehive-5.5.5-1.noarch.rpm.asc

Using cURL:

curl -o /path/to/<file_name>.rpm https://thehive.download.strangebee.com/<major.minor_version>/rpm/<file_name>.rpm
curl -o /path/to/<file_name>.rpm.sha256 https://thehive.download.strangebee.com/<major.minor_version>/sha256/<file_name>.rpm.sha256
curl -o /path/to/<file_name>.rpm.asc https://thehive.download.strangebee.com/<major.minor_version>/asc/<file_name>.rpm.asc

Example:

curl -o /tmp/thehive-5.5.5-1.noarch.rpm https://thehive.download.strangebee.com/5.5/rpm/thehive-5.5.5-1.noarch.rpm
curl -o /tmp/thehive-5.5.5-1.noarch.rpm.sha256 https://thehive.download.strangebee.com/5.5/sha256/thehive-5.5.5-1.noarch.rpm.sha256
curl -o /tmp/thehive-5.5.5-1.noarch.rpm.asc https://thehive.download.strangebee.com/5.5/asc/thehive-5.5.5-1.noarch.rpm.asc

Verify the integrity of the downloaded package.
- Check the SHA256 checksum by comparing it with the provided value.
  
  a. Generate the SHA256 checksum of your downloaded package.
```
sha256sum /path/to/<file_name>.rpm
```
  b. Compare the output hash with the official SHA256 value listed in the .sha256 file.
  
  c. If both hashes match exactly, the file integrity is verified. If not, the file may be corrupted or tampered with—don't proceed with installation, and contact the StrangeBee Security Team
- Verify the GPG signature using the public key.
  
  a. Download the public key at keys.download.strangebee.com using Wget or cURL.
```
wget -O /path/to/strangebee.gpg https://keys.download.strangebee.com/latest/gpg/strangebee.gpg
```
```
curl -o /path/to/strangebee.gpg https://keys.download.strangebee.com/latest/gpg/strangebee.gpg
```
  b. Import the key into your GPG keyring.
```
gpg --import /path/to/strangebee.gpg
```
  c. Verify the downloaded package signature.
```
gpg --verify /path/to/<file_name>.rpm.asc /path/to/<file_name>.rpm
```
  d. You should see a message stating indicating that the signature is valid and the package is authentic. If you see warnings or errors, don't install the package as its integrity or authenticity can't be confirmed. Report the issue to the StrangeBee Security Team.
Install the package.
- Using yum to manage dependencies automatically:
```
sudo yum install /path/to/<file_name>.rpm
```
- Using dnf to manage dependencies automatically:
```
sudo dnf install /path/to/<file_name>.rpm
```
- Using rpm:
```
sudo rpm -ivh /path/to/<file_name>.rpm
```
  Missing dependencies
  
  While using rpm, you might encounter warnings about missing dependencies during installation. To resolve this, run the commands described in the Dependencies section of the installation guide.
When switching from the previous repository-based installation, deactivate the old repository to avoid stale configurations.

Why you should deactivate the old repository

Keeping the old repository configuration can cause your system to download outdated or conflicting packages during updates, potentially breaking your installation or causing unexpected behavior.

a. Deactivate the repository.
```
```bash
sudo yum-config-manager --disable strangebee
```
```
b. Optional: Remove the repository file.
```
```bash
sudo rm /etc/yum.repos.d/strangebee.repo
sudo yum clean all
```
```

Next steps

Switch to Manual Download and Installation for Cortex