Reference - Intershop Commerce Platform - Mandatory Prerequisites


This document is addressed to customers and partners and provides information on prerequisites for setting up the system.

Please address these topics to the respective departments and bring as much information as possible to the kickoff meeting. When the setup phase - consisting of discovery phase, base setup phase, and connect & test phase - has started, we need IT experts from the customer present until all questions are clarified. This helps to expedite the setup process.


Mandatory Prerequisites

There are indispensable information that must be provided in advance and are essential for the initial setup of the system in the base setup phase.

The following table shows prerequisites for setting up environments and related responsibilities.


All information should be provided after the kickoff with Intershop and will be documented in a Confluence page in the provided customer space. Please do not send this information in advance per e-mail.
Question to Partner and Customer

Access to:

  • Storefront and back office (ICM, IOM)
  • Backend systems (e.g. ERP, PIM, etc.)

Provide all parties' public IPs (including ports) that should be whitelisted during the project phase to gain access to storefront and back office, as well as backend systems.

Intershop (OPS)




  • Ports 22, 80, 443
    • (warning) (Jena)
    • (warning) (Monitoring)
  • Ports 80, 443
    •  (question) TBD (location/usage like London office or ERP service)
  • Ports 22, 80, 443
    •  (question) TBD (location/service name like Berlin office or VPN gateway)
  •  (question) TBD by Intershop after setup

(question) to be provided

(warning) to do

(tick) done (whitelisted)

(error) more information required (source (web or application server?), protocol, port, etc.)

Questions to Partner

Define the authentication provider:

We want to increase the security in regards to accessing the Intershop Commerce Platform (somebody left the project, but access will not be removed) and want to reduce the effort on both sides when setting up user access (single user account). Therefore, we strongly recommend to use a Microsoft account to log in. This is mandatory for Azure DevOps and we want to use this for authentication on Jenkins, too.

Provide list of users with name, e-mail and public SSH key to access:

  • CI/CD service (Azure DevOps), if necessary/relevant
  • Jenkins (to run jobs like deployment)
  • INT Environment (access developer environment via SSH connection)

Please note that the following SSH key formats are accepted:

  • ssh-rsa (the default value)
  • ssh-ed25519
  • ecdsa-sha2-nistp256
  • ecdsa-sha2-nistp384
  • ecdsa-sha2-nistp521
Questions to Customer
VPN and private IP address range

Do we need to establish a VPN connection to connect any backend services from the customer? Or will access be provided via public internet?

See also CaaS FAQ - How to set up a VPN? (if necessary)

If the answer is yes:

  • Will a VPN be used to connect the backend services?
  • Will a VPN be used by customer employees to connect to Intershop services?

VPN is an additional optional service which can be provided by Intershop.

To set up a VPN, it is necessary to agree on used private IP ranges to prevent network address conflicts.

Default private IP ranges in the Intershop ICM system are as follows:


IP range (default)Purpose INT UAT PRD

10.2.x.y or 10.3.x.y can also be used instead of the 10.1.x.y. Please check the potential IP conflicts with all ranges.

Alternative A

IP range (default)Purpose INT UAT PRD

172.22.x.y or 172.23.x.y can also be used instead of the 172.21.x.y. Please check the potential IP conflicts with all ranges.

Alternative B

IP range (default)Purpose INT UAT PRD

Define the domains of the web shop for all environments. See Domain Examples below.

SSL Certificates

Provide SSL certificates for the domains described above (dedicated, SAN or a Wildcard Certificate), also see Reference - CaaS FAQ | What are the Requirements for DNS and SSL/TLS Certificates?

JenkinsIf development is also done by the customer, answer the questions regarding Jenkins in the "Partner" section above as well.
Mail Service

Provide an SMTP service or an endpoint to which Intershop relays customer e-mails (e.g. order confirmation mails), see Mail Service - Necessary Information below.

Is the mail service already available? If not, when will it be available? 

Please note that Intershop does not provide any mail service. However, it is required to have one.

See Reference - CaaS FAQ | How to Configure the Mail Service of ICM?

Domain Examples

The following table shows domain information including example domains. These must be defined by the customer. See CaaS FAQ - Requirements for DNS and SSL/TLS Certificates.

For the PWA, domains are necessary for the storefront and the backend, which includes backoffice and REST API. For classic storefront, they are identical.

Best practice example ( will be replaced by the customer's domain):


EnvironmentClusterDomain Name
(to be configured by the customer to point to "CNAME")

Backend (Backoffice and REST API)

EnvironmentClusterDomain Name
(to be configured by the customer to point to "CNAME")

Mail Service - Necessary Information

The following information must be defined by the customer and is required to connect to a 3rd party mail provider like a Microsoft 365 (Exchange) account. Of course, one account can be offered for all environments.

  • Live: TBD
  • Edit: TBD
  • Live: TBD
  • Edit: TBD
  • Live: TBD
  • Edit: TBD







Provide via one-time link like 

Outgoing public IP of app servers for ICM clusters (live and edit)

Empty fields (TBD) must be defined/provided.

The information provided in the Knowledge Base may not be applicable to all systems and situations. Intershop Communications will not be liable to any party for any direct or indirect damages resulting from the use of the Customer Support section of the Intershop Corporate Web site, including, without limitation, any lost profits, business interruption, loss of programs or other data on your information handling system.
The Intershop Knowledge Portal uses only technically necessary cookies. We do not track visitors or have visitors tracked by 3rd parties. Please find further information on privacy in the Intershop Privacy Policy and Legal Notice.
Knowledge Base
Product Releases
Log on to continue
This Knowledge Base document is reserved for registered customers.
Log on with your Intershop Entra ID to continue.
Write an email to if you experience login issues,
or if you want to register as customer.