Certificate Package Installation Method

This article is intended for users who elect to deploy the Insight Agent with the legacy certificate package installer.

Still need to download the installer?

See the Download page for instructions on how to download the proper certificate package installer for the operating system of your intended asset.

This article covers the following topics:

Requirements

The Insight Agent supports proxies

Both the token-based and certificate package installer types support proxy definitions. If you need to direct your agents to send data through a proxy before reaching the Insight platform, see the Proxy Configuration page for instructions.

Before proceeding with the installation, verify that your intended asset meets all operating system and network requirements noted in the Requirements category of this documentation set. Additionally, check the Application Settings page for any other requirements that may apply depending on the Insight products that you use.

Certificate Package Contents

Your certificate package ZIP file contains the following security files in addition to the installer executable:

  • client.key
  • client.crt
  • config.json
  • cafile.pem

IMPORTANT

These security files must be in the same directory as the installer before you start the installation process.

Agent Attributes for InsightVM

Agent attribute configuration is an optional asset labeling feature for customers using the Insight Agent for vulnerability assessment with InsightVM. Configured exclusively using the command line installation method, InsightVM imports agent attributes as asset tags that you can use to group and sort your assets in a way that is meaningful to your organization.

If you want to install your agents with attributes, check out the Agent Attributes page to review the syntax requirements before continuing with the rest of this article.

Install on Windows

To install the Insight Agent using the certificate package on Windows assets:

  1. Fully extract the contents of your certificate package ZIP file. Make sure that the .msi installer and its dependencies are in the same directory.
  2. Run the .msi installer with Run As Administrator. The Insight Agent will be installed as a service and appear with the name “Rapid7 Insight Agent” in your service manager.

Silent Installation on Windows

NOTE - Administrator privileges required

Your command prompt must have administrator privileges in order to perform a silent installation.

If you want to perform a silent installation of the Insight Agent, you can do so by running one of the following commands on the command line according to your system architecture:

For 32-bit installers and systems: msiexec /i agentInstaller-x86.msi /quietFor 64-bit installers and systems: msiexec /i agentInstaller-x86_64.msi /quiet

Install on Mac and Linux

TIP

All Mac and Linux installations of the Insight Agent are silent by default.

To install the Insight Agent using the certificate package on Mac and Linux assets:

  1. Fully extract the contents of your certificate package ZIP file. Make sure that the .sh installer script and its dependencies are in the same directory.
  2. Run the following command in a terminal to modify the permissions of the installer script to allow execution:
1
chmod u+x agent_installer.sh
  1. Lastly, run the following command to execute the installer script. The Insight Agent will be installed as a service and appear with the name “ir_agent” in your service manager:
1
sudo ./agent_installer.sh install_start

How to Uninstall

If you want to uninstall the Insight Agent from your assets, see the Agent Controls page for instructions.

NOTE - Agent directory retention after uninstalling

In order to quicken agent uninstalls and streamline any potential reinstalls, be aware that agent uninstallation procedures still retain portions of the agent directory on the asset.

If you need to remove all remaining portions of the agent directory, you must do so manually.