Setup
Entry point for setting up the BE-terna Barcode Service: prerequisites and choice of deployment model.
Purpose
This page walks you through the basic setup of the BE-terna Barcode Service and helps you pick the right deployment model. The service ships as a container image and runs either locally on a Windows server or as an Azure Container Instance.
Prerequisites
- Access to the BE-terna Azure Container Registry
becode.azurecr.io. Authentication uses tokens created in ACR. One token or password per customer. - A valid SSL certificate as a
.pfxfile for HTTPS delivery. - Depending on the deployment model:
- On-premises: Windows Server build 22H2 or later, at least 1 CPU core, 1 GB RAM, and 10 GB of free disk space; installed Docker Engine and Docker Compose.
- Azure: active Azure subscription, Azure CLI or Azure portal access, optionally Azure Key Vault with an Azure AD service principal for certificate management.
Recommended order
- Choose the deployment model: on-premises or Azure Container Instance.
- Pull the container image from the registry and start the service.
- Configure the certificate and passwords.
- Maintain the BE-terna Barcode Service setup in Business Central and verify the connection.
Setup building blocks
Pick a deployment model
- On-premises: A good fit when you already run Windows Server infrastructure and want to host the container yourself. See Set up an on-premise container.
- Azure Container Instance: A good fit when the service should run in the cloud without your own server infrastructure. See Set up an Azure Container Instance.
Authentication and passwords
- Use one ACR token per customer instead of the registry admin account.
- Set a strong user password for the BE-terna Barcode Service and configure the same value in the BE-terna Barcode Service setup in Business Central.
- Protect the certificate path and certificate password; the certificate must be reachable inside the container at
C:\certs\cert.pfx.
Verify the connection in Business Central
- In the BE-terna Barcode Service setup, enter the service URL (for example
https://<fqdn>:1880/becode) and the basic authentication credentials. - Use the Check connection action to send a test request to the container.
Process Notes on secure operation Key guardrails for certificates, passwords, and registry access.
- Name the certificate file exactly
cert.pfxand store it in the volume mapped from the host. - Use the default demo password only for testing; always set an individual password in production.
- Do not store ACR tokens in repositories or unencrypted scripts; use Key Vault or a secure variable store.
- In Azure Container Instance, never expose the container publicly without HTTPS or a reverse proxy.
Links