For the Impatient

Since some users might want to get their test version up and running as fast as possible, offered below is an unsupported outline of getting DSpace to run quickly in a Unix-based environment using the DSpace source release.

Only experienced unix admins should even attempt the following without going to the detailed Installation Instructions

useradd -m dspace
gzip xzf dspace-3.x-src-release.tar.gz
createuser -U postgres -d -A -P dspace
createdb -U dspace -E UNICODE dspace
cd [dspace-source]
mkdir [dspace]
chown dspace [dspace]
su - dspace
cd [dspace-source]/dspace
mvn package
cd [dspace-source]/dspace/target/dspace-<version>-build
ant fresh_install
cp -r [dspace]/webapps/* [tomcat]/webapps
/etc/init.d/tomcat start
[dspace]/bin/dspace create-administrator

Hardware Recommendations

You can install and run DSpace on most modern PC, laptop or server hardware. However, if you intend to run DSpace for a large community of potential end users, carefully review following Hardware Recommendations.

Prerequisite Software

The list below describes the third-party components and tools you'll need to run a DSpace server. These are just guidelines. Since DSpace is built on open source, standards-based tools, there are numerous other possibilities and setups.

Also, please note that the configuration and installation guidelines relating to a particular tool below are here for convenience. You should refer to the documentation for each individual component for complete and up-to-date details. Many of the tools are updated on a frequent basis, and the guidelines below may become out of date.

UNIX-like OS or Microsoft Windows

Oracle Java JDK 6 or 7 (standard SDK is fine, you don't need J2EE) or OpenJDK 6 or 7

Oracle's Java can be downloaded from the following location: Again, you can just download the Java SE JDK version.

OpenJDK download and installation instructions can be found here

Apache Maven 2.2.x or higher (Java build tool)

DSpace 1.7.x required usage of Maven 2.2.x, as it did not build properly when using Maven 2.0.x or Maven 3.x. This was a known issue (see DS-788). However, DSpace 1.8.x resolved this issue so that DSpace now builds properly with Maven 2.2.x or above.

Maven is necessary in the first stage of the build process to assemble the installation package for your DSpace instance. It gives you the flexibility to customize DSpace using the existing Maven projects found in the [dspace-source]/dspace/modules directory or by adding in your own Maven project to build the installation package for DSpace, and apply any custom interface "overlay" changes.

Maven can be downloaded from the following location:

Configuring a Proxy

You can configure a proxy to use for some or all of your HTTP requests in Maven 2.0. The username and password are only required if your proxy requires basic authentication (note that later releases may support storing your passwords in a secured keystore‚ in the mean time, please ensure your settings.xml file (usually ${user.home}/.m2/settings.xml) is secured with permissions appropriate for your operating system).



Apache Ant 1.8 or later (Java build tool)

Apache Ant is still required for the second stage of the build process. It is used once the installation package has been constructed in [dspace-source]/dspace/target/dspace-<version>-build and still uses some of the familiar ant build targets found in the 1.4.x build process.

Ant can be downloaded from the following location:

Relational Database: (PostgreSQL or Oracle)

Servlet Engine (Apache Tomcat 5.5 or later, Jetty, Caucho Resin or equivalent)

 If you are using Tomcat 7, we recommend running Tomcat 7.0.30 or above. Tomcat 7.0.29 and lower versions suffer from a memory leak. As a result, those versions of tomcat require an unusual high amount of memory to run DSpace. This has been resolved as of Tomcat 7.0.30. More information can be found in DS-1553

Perl (only required for [dspace]/bin/

Installation Instructions

Overview of Install Options

With the advent of a new Apache Maven 2 based build architecture (first introduced in DSpace 1.5.x), you now have two options in how you may wish to install and manage your local installation of DSpace. If you've used DSpace 1.4.x, please recognize that the initial build procedure has changed to allow for more customization. You will find the later 'Ant based' stages of the installation procedure familiar. Maven is used to resolve the dependencies of DSpace online from the 'Maven Central Repository' server.

It is important to note that the strategies are identical in terms of the list of procedures required to complete the build process, the only difference being that the Source Release includes "more modules" that will be built given their presence in the distribution package.

Overview of DSpace Directories

Before beginning an installation, it is important to get a general understanding of the DSpace directories and the names by which they are generally referred. (Please attempt to use these below directory names when asking for help on the DSpace Mailing Lists, as it will help everyone better understand what directory you may be referring to.)

DSpace uses three separate directory trees. Although you don't need to know all the details of them in order to install DSpace, you do need to know they exist and also know how they're referred to in this document:

  1. The installation directory, referred to as [dspace]. This is the location where DSpace is installed and running off of it is the location that gets defined in the dspace.cfg as "dspace.dir". It is where all the DSpace configuration files, command line scripts, documentation and webapps will be installed to.
  2. The source directory, referred to as [dspace-source] . This is the location where the DSpace release distribution has been unzipped into. It usually has the name of the archive that you expanded such as dspace-<version>-release or dspace-<version>-src-release. Normally it is the directory where all of your "build" commands will be run. 
  3. The web deployment directory. This is the directory that contains your DSpace web application(s). In DSpace 1.5.x and above, this corresponds to [dspace]/webapps by default. However, if you are using Tomcat, you may decide to copy your DSpace web applications from [dspace]/webapps/ to [tomcat]/webapps/ (with [tomcat] being wherever you installed Tomcat‚ also known as $CATALINA_HOME).
    For details on the contents of these separate directory trees, refer to directories.html. Note that the[dspace-source]and[dspace]directories are always separate!

If you ever notice that many files seems to have duplicates under [dspace-source]/dspace/target do not worry about it. This "target" directory will be used by Maven for the build process and you should not change any file in it unless you know exactly what you are doing.


This method gets you up and running with DSpace quickly and easily. It is identical in both the Default Release and Source Release distributions.

  1. Create the DSpace user. This needs to be the same user that Tomcat (or Jetty etc.) will run as. e.g. as root run:

    useradd -m dspace
  2. Download the latest DSpace release. There are two version available with each release of DSpace: (dspace-n.x-release. and dspace-n.x-src-release.zzz); you only need to choose one. If you want a copy of all underlying Java source code, you should download the dspace-n.x-src-release.xxxWithin each version, you have a choice of compressed file format. Choose the one that best fits your environment.
    1. Alternatively, you may choose to check out the latest release from the DSpace GitHub Repository.  In this case, you'd be checking out the full Java source code.  You'd also want to be sure to checkout the appropriate tag or branch. For more information on using / developing from the GitHub Repository, see: Development with Git
  3. Unpack the DSpace software. After downloading the software, based on the compression file format, choose one of the following methods to unpack your software:
    1. Zip file. If you downloaded do the following:

    2. .gz file. If you downloaded dspace-3.x-release.tar.gz do the following:

      gunzip -c dspace-3.x-release.tar.gz | tar -xf -
    3. .bz2 file. If you downloaded do the following:

      bunzip2 | tar -xf -

      For ease of reference, we will refer to the location of this unzipped version of the DSpace release as [dspace-source] in the remainder of these instructions. After unpacking the file, the user may which to change the ownership of the dspace-3.x-release to the 'dspace' user. (And you may need to change the group).

  4. Database Setup
  5. Initial Configuration: Edit [dspace-source]/  This properties file contains the basic settings necessary to actually build/install DSpace for the first time (see Configuration for more detail).  In particular you'll need to set these properties, examples or defaults are provided in the file:
  6. DSpace Directory: Create the directory for the DSpace installation (i.e. [dspace]). As root (or a user with appropriate permissions), run:

    mkdir [dspace]
    chown dspace [dspace]

    (Assuming the dspace UNIX username.)

  7. Build the Installation Package: As the dspace UNIX user, generate the DSpace installation package.

    cd [dspace-source]/dspace/
    mvn package

    Without any extra arguments, the DSpace installation package is initialized for PostgreSQL. If you want to use Oracle instead, you should build the DSpace installation package as follows:
    mvn package

    Without any extra arguments, the DSpace installation package will be initialized using the settings in the [dspace-source]/ file.  However, if you want it to build using a custom properties file, you may specify the "-Denv" (environment) flag as follows:

    mvn -Denv=test package   (would build the installation package using a custom [dspace-source]/ file)

    mvn -Denv=local package   (would build the installation package using a custom [dspace-source]/ file)

    See General Configuration section for more details.

  8. Install DSpace and Initialize Database: As the dspace UNIX user, initialize the DSpace database and install DSpace to [dspace]_:

    cd [dspace-source]/dspace/target/dspace-[version]-build
    ant fresh_install

    To see a complete list of build targets, run: ant help The most likely thing to go wrong here is the database connection. See the Common Problems Section.

  9. Deploy Web Applications: Please note that in the first instance you should refer to the appropriate documentation for your Web Server of choice, the following instructions are meant as a handy guide. You have two choices or techniques for having Tomcat/Jetty/Resin serve up your web applications:

  10. Administrator Account:Create an initial administrator account:

    [dspace]/bin/dspace create-administrator
  11. Initial Startup!Now the moment of truth! Start up (or restart) Tomcat/Jetty/Resin. Visit the base URL(s) of your server, depending on which DSpace web applications you want to use. You should see the DSpace home page. Congratulations! Base URLs of DSpace Web Applications:

In order to set up some communities and collections, you'll need to login as your DSpace Administrator (which you created with create-administrator above) and access the administration UI in either the JSP or XML user interface.

Advanced Installation

The above installation steps are sufficient to set up a test server to play around with, but there are a few other steps and options you should probably consider before deploying a DSpace production site.

'cron' Jobs

A couple of DSpace features require that a script is run regularly – the e-mail subscription feature that alerts users of new items being deposited, and the new 'media filter' tool, that generates thumbnails of images and extracts the full-text of documents for indexing.

To set these up, you just need to run the following command as the dspace UNIX user:

crontab -e

Then add the following lines:

# Send out subscription e-mails at 01:00 every day
0 1 * * *  [dspace]/bin/dspace sub-daily
# Run the media filter at 02:00 every day
0 2 * * *  [dspace]/bin/dspace filter-media
# Run the checksum checker at 03:00
0 3 * * *  [dspace]/bin/dspace checker -lp
# Mail the results to the sysadmin at 04:00
0 4 * * *  [dspace]/bin/dspace checker-emailer -c

Naturally you should change the frequencies to suit your environment.

PostgreSQL also benefits from regular 'vacuuming', which optimizes the indexes and clears out any deleted data. Become the postgres UNIX user, run crontab -e and add (for example):

# Clean up the database nightly at 4.20am
20 4 * * * vacuumdb --analyze dspace > /dev/null 2>&1


Multilingual Installation

In order to deploy a multilingual version of DSpace you have to configure two parameters in [dspace-source]/config/dspace.cfg:

The Locales might have the form country, country_language, country_language_variant.

According to the languages you wish to support, you have to make sure, that all the i18n related files are available see the Multilingual User Interface Configuring MultiLingual Support section for the JSPUI or the Multilingual Support for XMLUI in the configuration documentation.

DSpace over HTTPS

If your DSpace is configured to have users login with a username and password (as opposed to, say, client Web certificates), then you should consider using HTTPS. Whenever a user logs in with the Web form (e.g. their DSpace password is exposed in plain text on the network. This is a very serious security risk since network traffic monitoring is very common, especially at universities. If the risk seems minor, then consider that your DSpace administrators also login this way and they have ultimate control over the archive.

The solution is to use HTTPS (HTTP over SSL, i.e. Secure Socket Layer, an encrypted transport), which protects your passwords against being captured. You can configure DSpace to require SSL on all "authenticated" transactions so it only accepts passwords on SSL connections.

The following sections show how to set up the most commonly-used Java Servlet containers to support HTTP over SSL.

Enabling the HTTPS support in Tomcat 5.0

  1. For Production use: Follow this procedure to set up SSL on your server. Using a "real" server certificate ensures your users' browsers will accept it without complaints. In the examples below, $CATALINA_BASEis the directory under which your Tomcat is installed.
    1. Create a Java keystore for your server with the password changeit, and install your server certificate under the alias "tomcat". This assumes the certificate was put in the file server.pem:

      $JAVA_HOME/bin/keytool -import -noprompt -v -storepass changeit
      	-keystore $CATALINA_BASE/conf/keystore -alias tomcat -file
    2. Install the CA (Certifying Authority) certificate for the CA that granted your server cert, if necessary. This assumes the server CA certificate is in ca.pem:

      $JAVA_HOME/bin/keytool -import -noprompt -storepass changeit
      	-trustcacerts -keystore $CATALINA_BASE/conf/keystore -alias ServerCA
      	-file ca.pem
    3. Optional – ONLY if you need to accept client certificates for the X.509 certificate stackable authentication module See the configuration section for instructions on enabling the X.509 authentication method. Load the keystore with the CA (certifying authority) certificates for the authorities of any clients whose certificates you wish to accept. For example, assuming the client CA certificate is in client1.pem:

      $JAVA_HOME/bin/keytool -import -noprompt -storepass changeit
      	-trustcacerts -keystore $CATALINA_BASE/conf/keystore  -alias client1
      	-file client1.pem
    4. Now add another Connector tag to your server.xmlTomcat configuration file, like the example below. The parts affecting or specific to SSL are shown in bold. (You may wish to change some details such as the port, pathnames, and keystore password)

      <Connector port="8443"
                    maxThreads="150" minSpareThreads="25"
                    acceptCount="100" debug="0"
                    scheme="https" secure="true" sslProtocol="TLS"
                    keystoreFile="conf/keystore" keystorePass="changeit" clientAuth="true" - ONLY if using client X.509 certs for authentication!
                    truststoreFile="conf/keystore" trustedstorePass="changeit" />

      Also, check that the default Connector is set up to redirect "secure" requests to the same port as your SSL connector, e.g.:

      <Connector port="8080"
                    maxThreads="150" minSpareThreads="25"
                    acceptCount="100" debug="0" />
  2. Quick-and-dirty Procedure for Testing: If you are just setting up a DSpace server for testing, or to experiment with HTTPS, then you don't need to get a real server certificate. You can create a "self-signed" certificate for testing; web browsers will issue warnings before accepting it but they will function exactly the same after that as with a "real" certificate. In the examples below, $CATALINA_BASEis the directory under which your Tomcat is installed.
    1. Optional – ONLY if you don't already have a server certificate. Follow this sub-procedure to request a new, signed server certificate from your Certifying Authority (CA):
      • Create a new key pair under the alias name "tomcat". When generating your key, give the Distinguished Name fields the appropriate values for your server and institution. CN should be the fully-qualified domain name of your server host. Here is an example:

        $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keysize
        	1024 \
          -keystore $CATALINA_BASE/conf/keystore -storepass changeit
        	-validity 365 \
          -dname ', OU=MIT Libraries, O=Massachusetts
        	Institute of Technology, L=Cambridge, S=MA, C=US'
      • Then, create a CSR (Certificate Signing Request) and send it to your Certifying Authority. They will send you back a signed Server Certificate. This example command creates a CSR in the file tomcat.csr

        $JAVA_HOME/bin/keytool -keystore $CATALINA_BASE/conf/keystore \
          -storepass changeit \
          -certreq -alias tomcat -v -file tomcat.csr
      • Before importing the signed certificate, you must have the CA's certificate in your keystore as a trusted certificate. Get their certificate, and import it with a command like this (for the example mitCA.pem):

        $JAVA_HOME/bin/keytool -keystore $CATALINA_BASE/conf/keystore \
        -storepass changeit -import -alias mitCA -trustcacerts -file mitCA.pem
      • Finally, when you get the signed certificate from your CA, import it into the keystore with a command like the following example: (cert is in the file signed-cert.pem)

        $JAVA_HOME/bin/keytool -keystore $CATALINA_BASE/conf/keystore \
          -storepass changeit \
          -import -alias tomcat -trustcacerts -file signed-cert.pem

        Since you now have a signed server certificate in your keystore, you can, obviously, skip the next steps of installing a signed server certificate and the server CA's certificate.

    2. Create a Java keystore for your server with the password changeit, and install your server certificate under the alias "tomcat". This assumes the certificate was put in the file server.pem:

      $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore \
        $CATALINA_BASE/conf/keystore -storepass changeit

      When answering the questions to identify the certificate, be sure to respond to "First and last name" with the fully-qualified domain name of your server (e.g. The other questions are not important.

    3. Optional – ONLY if you need to accept client certificates for the X.509 certificate stackable authentication module See the configuration section for instructions on enabling the X.509 authentication method. Load the keystore with the CA (certifying authority) certificates for the authorities of any clients whose certificates you wish to accept. For example, assuming the client CA certificate is in client1.pem:

      $JAVA_HOME/bin/keytool -import -noprompt -storepass changeit \
        -trustcacerts -keystore $CATALINA_BASE/conf/keystore -alias client1 \
        -file client1.pem
    4. Follow the procedure in the section above to add another Connector tag, for the HTTPS port, to your server.xml file.

Using SSL on Apache HTTPD with mod_jk

When using Apache 2.4.2 (and lower) in front of a DSpace webapp deployed in Tomcat, mod_proxy_ajp and possibly mod_proxy_http breaks the connection to the back end (Tomcat) prematurely leading to response mixups. This is reported as bug CVE-2012-3502 ( of Apache and fixed in Apache 2.4.3 (see The 2.2.x branch hasn't shown this problem only the 2.4.x branch has.

If you choose Apache HTTPD as your primary HTTP server, you can have it forward requests to the Tomcat servlet container via Apache Jakarta Tomcat Connector. This can be configured to work over SSL as well. First, you must configure Apache for SSL; for Apache 2.0 see Apache SSL/TLS Encryption for information about using mod_ssl.

If you are using X.509 Client Certificates for authentication: add these configuration options to the appropriate httpd configuration file, e.g. ssl.conf, and be sure they are in force for the virtual host and namespace locations dedicated to DSpace:

##  SSLVerifyClient can be "optional" or
        SSLVerifyClient optional
        SSLVerifyDepth  10
        SSLOptions StdEnvVars ExportCertData

Now consult the Apache Jakarta Tomcat Connector documentation to configure the mod_jk (note: NOT mod_jk2) module. Select the AJP 1.3 connector protocol. Also follow the instructions there to configure your Tomcat server to respond to AJP.

To use SSL on Apache HTTPD with mod_webapp consult the DSpace 1.3.2 documentation. Apache have deprecated the mod_webapp connector and recommend using mod_jk.

To use Jetty's HTTPS support consult the documentation for the relevant tool.

The Handle Server

First a few facts to clear up some common misconceptions:

A Handle server runs as a separate process that receives TCP requests from other Handle servers, and issues resolution requests to a global server or servers if a Handle entered locally does not correspond to some local content. The Handle protocol is based on TCP, so it will need to be installed on a server that can broadcast and receive TCP on port 2641. If your DSpace server sits behind a firewall, also ensure that port 2641 is opened on your firewall as well, both for udp and tcp traffic.

  1. To configure your DSpace installation to run the handle server, run the following command:

    [dspace]/bin/dspace make-handle-config [dspace]/handle-server

    Ensure that [dspace]/handle-server matches whatever you have in dspace.cfg for the handle.dir property.

  2. Edit the resulting [dspace]/handle-server/config.dct file to include the following lines in the "server_config"clause:

    "storage_type" = "CUSTOM"
    "storage_class" = "org.dspace.handle.HandlePlugin"

    This tells the Handle server to get information about individual Handles from the DSpace code.

  3. Once the configuration file has been generated, you will need to go to to upload the generated file. The upload page will ask you for your contact information. An administrator will then create the naming authority/prefix on the root service (known as the Global Handle Registry), and notify you when this has been completed. You will not be able to continue the handle server installation until you receive further information concerning your naming authority.
  4. When CNRI has sent you your naming authority prefix, you will need to edit the config.dct file. The file will be found in /[dspace]/handle-server. Look for "300:0.NA/YOUR_NAMING_AUTHORITY". Replace YOUR_NAMING_AUTHORITY with the assigned naming authority prefix sent to you.
  5. Now start your handle server (as the dspace user):


    Note that since the DSpace code manages individual Handles, administrative operations such as Handle creation and modification aren't supported by DSpace's Handle server.

Updating Existing Handle Prefixes

If you need to update the handle prefix on items created before the CNRI registration process you can run the [dspace]/bin/dspace update-handle-prefix script. You may need to do this if you loaded items prior to CNRI registration (e.g. setting up a demonstration system prior to migrating it to production). The script takes the current and new prefix as parameters. For example:

[dspace]/bin/dspace update-handle-prefix 123456789 1303

This script will change any handles currently assigned prefix 123456789 to prefix 1303, so for example handle 123456789/23 will be updated to 1303/23 in the database.

Google and HTML sitemaps

To aid web crawlers index the content within your repository, you can make use of sitemaps. There are currently two forms of sitemaps included in DSpace: Google sitemaps and HTML sitemaps.

Sitemaps allow DSpace to expose its content without the crawlers having to index every page. HTML sitemaps provide a list of all items, collections and communities in HTML format, whilst Google sitemaps provide the same information in gzipped XML format.

To generate the sitemaps, you need to run [dspace]/bin/dspace generate-sitemaps This creates the sitemaps in [dspace]/sitemaps/

The sitemaps can be accessed from the following URLs:

When running [dspace]/bin/dspace generate-sitemaps the script informs Google that the sitemaps have been updated. For this update to register correctly, you must first register your Google sitemap index page (/dspace/sitemap) with Google at If your DSpace server requires the use of a HTTP proxy to connect to the Internet, ensure that you have set and http.proxy.port in [dspace]/config/dspace.cfg

The URL for pinging Google, and in future, other search engines, is configured in [dspace-space]/config/dspace.cfg using the sitemap.engineurls setting where you can provide a comma-separated list of URLs to 'ping'.

You can generate the sitemaps automatically every day using an additional cron job:

# Generate sitemaps

0 6 * * * [dspace]/bin/dspace generate-sitemaps


DSpace uses the Apache Solr application underlaying the statistics. There is no need to download any separate software. All the necessary software is included. To understand all of the configuration property keys, the user should refer to DSpace Statistic Configuration for detailed information.

Windows Installation

Essentially installing on Windows is the same as installing on Unix so please refer back to the main Installation Instructions section.

Checking Your Installation

The administrator needs to check the installation to make sure all components are working. Here is list of checks to be performed. In brackets after each item, it the associated component or components that might be the issue needing resolution.

Known Bugs

In any software project of the scale of DSpace, there will be bugs. Sometimes, a stable version of DSpace includes known bugs. We do not always wait until every known bug is fixed before a release. If the software is sufficiently stable and an improvement on the previous release, and the bugs are minor and have known workarounds, we release it to enable the community to take advantage of those improvements.

The known bugs in a release are documented in the KNOWN_BUGS file in the source package.

Please see the DSpace bug tracker for further information on current bugs, and to find out if the bug has subsequently been fixed. This is also where you can report any further bugs you find.

Common Problems

In an ideal world everyone would follow the above steps and have a fully functioning DSpace. Of course, in the real world it doesn't always seem to work out that way. This section lists common problems that people encounter when installing DSpace, and likely causes and fixes. This is likely to grow over time as we learn about users' experiences.

Common Installation Issues

General DSpace Issues