This document is addressed to customers and partners and provides information on prerequisites for setting up the CaaS system.
Please address these topics to the respective departments and bring as much information as possible to the kick-off meeting. When the setup phase - consisting of discovery phase, base setup phase and connect & test phase - has started, we need IT experts from the customer present until all questions are clarified. This helps to expedite the setup process.
There are indispensable information that must be provided in advance and are essential for the initial setup of the CaaS system in the base setup phase.
The following table shows prerequisites for setting up environments and related responsibilities.
|Question to Partner and Customer|
Provide all parties' public IPs (including ports) that should be whitelisted during the project phase to gain access to storefront and back office, as well as back end systems.
to be provided
more information required (source (web or application server?), protocol, port, etc.)
|Questions to Partner|
Define the authentication provider:
We want to increase the security in regards to accessing the CaaS system (somebody left the project, but access will not be removed) and want to reduce the effort on both sides when setting up user access (single user account). Because of this we strongly recommend to use a Microsoft account to log in. This is mandatory for Azure DevOps and we want to use this for authentication on Jenkins too.
Provide list of users with name, e-mail and public SSH key to access:
Please note that the following SSH key formats are accepted:
|Questions to Customer|
|VPN and private IP address range|
Do we need to establish a VPN connection to connect any back end services from the customer? Or will access be provided via public internet?
If the answer is yes:
VPN is an additional optional service which can be provided by Intershop.
To set up a VPN, it is necessary to agree on used private IP ranges to prevent network address conflicts.
Default private IP ranges in Intershop ICM CaaS system are as follows:
Define the domains of the webshop for all environments. See Domain Examples below.
Provide SSL certificates for the above domains (dedicated, SAN or a Wildcard Certificate), also see Reference - CaaS FAQ | What are the Requirements for DNS and SSL/TLS Certificates?
|Jenkins||If development is also done by the customer, answer the "Jenkins" questions in the "Partner" section above as well.|
Provide an SMTP service or an endpoint to which Intershop relays customer emails (e.g. order confirmation mails), see Mail Service - Necessary Information below.
Is the mail service already available? If not, when will it be?
Please note, that Intershop provides no mail service. However it is required to have one.
The following table shows domain information including example domains. These must be defined by the customer. See CaaS FAQ - Requirements for DNS and SSL/TLS Certificates.
Best practice example (mydomain.com will be replaced by the customers domain):
|Environment||Cluster||Domain Name |
(to be configured by the customer to point to "CNAME")
The following information must be defined by the customer and is required to connect to a 3rd party mail provider like a Microsoft 365 (Exchange) account. Of course one account can be offered for all environments.
provide via one-time link like https://onetimesecret.com/
1 Outgoing public IP of app servers for ICM clusters (live and edit)
Empty fields (TBD) must be defined/provided.
The information provided in the Knowledge Base may not be applicable to all systems and situations. Intershop Communications will not be liable to any party for any direct or indirect damages resulting from the use of the Customer Support section of the Intershop Corporate Web site, including, without limitation, any lost profits, business interruption, loss of programs or other data on your information handling system.