Installation and Configuration > Configuring Windchill RV&S servers > Configuring Windchill RV&S 13.0.0.0 Server > Prerequisites
Prerequisites
The Windchill RV&S OSLC Server requires the installation of the following software as a prerequisite:
Windchill RV&S 13.0.0.0 server
General requirements for the Windchill RV&S server are mentioned in the Windchill RV&S Installation and Upgrading Guide.
Node.js
For the supported version of Node.js, see the PTC Release Advisor PTC Release Advisor.
* 
You can verify the Node.js version using the node -v and npm -v commands. If any error occurs when running the node -v and npm -v commands, verify the Node.js installation.
SSL certificate and the private key for the SSL certificate
The SSL certificate and the private key is required if the Windchill RV&S OSLC Server is configured for the https protocol. The default protocol scheme supported for the Windchill RV&S OSLC Server is https.
* 
PTC strongly recommends to use your own SSL certificate and private key for configuring the Windchill RV&S OSLC Server.
It is recommended to use CA-signed SSL certificates.
* 
The Windchill RV&S OSLC Server supports platforms that are common to the following software:
Windchill RV&S server
Node.js
For the most current platform support information for Windchill RV&S server, see the PTC Release Advisor.
CORS Setting for OSLC Previews and Delegated UIs
By default, Windchill RV&S allows requests originating from the same domain (and origin), in a web browser. Even if the domain is the same, the origin could be different based on subdomain or port. For example, https://app1.myexample.com and https://app2.myexample.com belong to the same domain but have different origins.
To use Windchill RV&S OSLC previews and OSLC delegated web user interfaces, the request must be from the same domain even if the origins are different based on the subdomain. Such origins must be in the Allowed List.
To add such origins to the Allowed List, CORS (Cross-Origin Resource Sharing) must be set up on the Windchill RV&S server.
Add the following property in the security.properties file :
mks.security.web.cors.allowedOrigins=origin1,origin2,origin3
Multiple origins can be specified as a comma-separated list but they must belong to the same domain. The origins must be in the following format:
https://<hostname>:<port> or https://<hostname|domainname>