Software installation, accounting settings, chart of accounts, started capital.


Keywords: free and open-source double-entry accounting software.

* the easiest way to install and try Beigesoft™ EIS is installing it on an Android device, because of you don't need to install the Java and the crypto-provider in this case, see Beigesoft™ EIS for Android.

Bob Brown from NY decided to start his own pizza business as sole proprietor. Bob's Pizza makes frozen pizza, so according to NYS. sales taxable food he isn't a sales tax vendor. Bob read IRS 583 Starting a business and elected:

  • calendar tax year

  • account Inventory to calculate costs that decrease his income tax, so he has to use accrual accounting method.

  • FIFO method for pizza ingredients whose cost can't be recognized (e.g. eggs) according IRS Accounting Periods and Methods

Bob chose Beigesoft™ EIS because it's free, it does everything that he needs, it's easy to install and use. In addition, it works as standalone WEB application on a notebook and on an Android tablet with the same SQLite database. Bob can send database from his notebook to his tablet and vise versa. In the future (when it'll be needed) Bob can publish his database on the cloud, Beigesoft™ EIS is ready for high load job. You are able to transfer full data from any EIS's SQlite database into high performance (enterprise ready) MySql or PostgreSql database by using WEB-service (see Import an EIS database by using WEB-service).

Bob installed Java SE 8 (JRE8 from the official Oracle web-site) and Google Chrome on his notebook (Chromium or Opera will do too). Bob downloaded beige-accjet-bin.zip from central Maven repository https://search.maven.org/#search%7Cga%7C1%7Cg%3A%22org.beigesoft%22 or https://repo1.maven.org/maven2/org/beigesoft/beige-accjet/. He extracted the ZIP archive then launched the JAR file beige-accjet-jar-with-dependencies.jar by double click on it or right click and choose Java. You can start any executable JAR from command line (synonyms - "terminal", "command prompt", "power shell") by type command:

java -jar beige-accjet-jar-with-dependencies.jar

Bob should see window like this:

Beigesoft™ EIS start

* The first start takes a time for creating and populating the database, so you should wait for it!

Beigesoft™ EIS standalone versions are always in secure enabled mode, that is they use encrypted (HTTPS) connection and require strong password for authorization, they also use encryption (modern algorithm RSA with 2048bit key and 256bit AES) for safe file (SQlite databases) sharing between computers/tablets. So you should think of a strong password. Think also of the A-Jetty number (it should be different from an A-Jetty’s one on another computer/tablet).

* It seems to be useless to encrypt HTTP traffic and files that are used inside only computer (because of all application on computer has direct access to the EIS SQLite databases), but you are able to run standalone (non-cloud) EIS in "protected from light harmful software mode" (see below).

To make strong and easy to remember password, you should use 2-3 words and several (3-5) digits, e.g. "racooneatstone123"

Bob entered a new A-Jetty number, new password, confirmed it, then he pushed the Start button. If you got error (see title):

Beigesoft™ EIS start error

a) If it's saying:

...org.bouncycastle.operator.OperatorCreationException: unable to create OutputEncryptor: JCE cannot authenticate the provider BC...

then you should install Bouncy Castle crypto-provider in static way:

  1. download bcprov-jdk15on-1.66.jar from https://repo1.maven.org/maven2/org/bouncycastle/bcprov-jdk15on/1.66/ and bcpkix-jdk15on-1.66.jar from https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-jdk15on/1.66/

  2. put them into [java-home]/lib/ext e.g. "C:\Program Files (x86)\Java\jre[version#8]\lib\ext" (change [version#8] to yours)

Previous step is usually sufficient, otherwise you should also add Bouncy Castle into java.security. Add entry "security.provider.[next_number]=org.bouncycastle.jce.provider.BouncyCastleProvider" into [JAVA_HOME]/lib/security/java.security. On MS Windows copy java.security to your documents folder, edit it then copy back into "C:\Program Files (x86)\Java\jre[version#8]\lib\security".

This is part of java.security for example:

...

security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI

security.provider.9=sun.security.smartcardio.SunPCSC

security.provider.10=sun.security.mscapi.SunMSCAPI

security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider

...

b) If starter.log is saying:

...org.bouncycastle.operator.OperatorCreationException: unable to create OutputEncryptor: Illegal key size or default parameters...

then you should install "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for Java 8" into the folder [JAVA_HOME]/lib/security. For MS Windows you can find these files in folder "C:\Program Files (x86)\Java\jre[version#8]\lib\security\policy\unlimited", otherwise download these from Oracle HTTPS web-site. Encryption with strong keys (long size) protects you (your information) from swindlers, so any law must protect you too.

After A-Jetty has been successfully started (it may takes several minutes for the first time to create database) button with HTTPS address has been appeared:

Beigesoft™ EIS started

A-Jetty's CA (Certificate Authority) certificate ajetty-ca[A-JETTY NUMBER].pem will be in the application folder. You can install it as a trusted Certificate Authority in the browser, otherwise your browser will scare you "your connection is not private ...". This is not true, your connection (HTTPS) is encrypted, and no application can read traffic (your data). The only truth is that A-Jetty’s SSL certificate (HTTPS) is signed by an unknown certificate authority (CA). So after installing A-Jetty's CA certificate, browsers stop showing fearful messages. But you can point browser to accept this site without installing the CA certificate - just push "Advanced", then "Proceed to localhost (unsafe)". In this case (without installing the CA certificate) the red HTTPS sign will be the only problem, the connection will be encrypted well, so software, that can intercept your traffic locally (intercept TCP port e.g. an anti-virus), can't read your data (decrypt your traffic).

Beigesoft™ EIS without CA certificate

Any unencrypted HTTP connection is actually a dangerous thing for you, and browsers until quite recently start to tell you more noticeably about it. It's not only about your data reading/changing/tracking, also, any HTML page (or any downloaded file) comes to your browser by passing through several Internet servers, and when some server is affected by harmful software, then it can inject harmful script (software) in the page or file.

To install A-Jetty's CA certificate on Chrome push the Menu -> Settings -> Advanced -> Manage certificates -> AUTHORITIES and push the IMPORT button, here is Linux example:

Beigesoft™ EIS install CA certificate
Beigesoft™ EIS install CA certificate

On MS Windows switch file extension to all "*.*" in order to select a "*.pem" file, then select "Place all certificates in the following store" and choose "Trusted Root Certificate Authorities", then press the "Finish" button. After that, select this certificate, then push the "Additional" button to restrict its roles (trust settings).

Certificates that aren't signed by a global trusted CA are often used to create private (non-public internet) intranets and for using digital signatures inside an organization (business entity). Here "home-made" A-Jetty's CA is used to create HTTPS intranet inside an only computer, and for secure files sharing between your computers/tablets.

* Here part of screenshots are shown with installed A-Jetty CA certificate (the HTTPS sign is well), and part without it (HTTPS is red).

Then Bob pushed the button HTTPS://localhost:8443/bsa8443, the default browser will open this address. At the first time, the empty database requires to add the first (only) user with strong password, so Bob added himself:

Beigesoft™ EIS adding first user

At first, Bob set accounting settings, he selected the Menu -> Appearance - > Standard -> Accounting -> Accounting settings:

Beigesoft™ EIS settings

Bob changed report page settings: page size to "Letter", in this case the unit of measurement is INCH, font size 3.5mm=0.1378inch. For page size A2-5 use millimeters. Bob set cost precision to 2 decimal places, new COGS algorithm handles this well without the rounding error, see the following articles. Setting Operating month used for restricting the month of the date of any operated document.

Chart of accounts.

Bob changed names of two accounts "started capital" and "retained earnings''. He set "Enabled" for all accounts that he needs. Using subaccounts is a simple and efficient way to manage your chart of accounts. Bob added subaccounts taxes, properties, bank accounts, etc. Expenses screenshot:

Beigesoft™ EIS accounting subaccounts expenses

Then add them into accounts, for example the Employment Taxes Payable account:

Beigesoft™ EIS accounting subaccounts for Employment Taxes Payable

The most types of entities (like expense, tax, debtor, etc.) require to enter ID (non-automatic). For a debtor/creditor you can use its global ID, i.e. TIN or phone number. This is need for replication of distributed databases, i.e. import data from office A to office B. Non-automatic ID allows to insert (create) the same entity with the same ID in all databases at the same time and to work with it, then to replicate (share) the data with no problem. If you got error when you are creating such entity, then probably ID is not unique, e.g. ID=6 for "Owner income tax" is already in use:

For sub-accounts use ID=Account Number + index, e.g. for account "Bank Number=1030" the first sub-account "#1236786817 in Bank" has ID=10301.

Entities like documents, its lines, items (inventory) have automatic replication-ready ID. Replication (sharing) of such entities can be only one-way, and it's impossible to create and use the same entity (e.g. a product) in different databases at the same time.

* If you are editing a form but forget to create a dependent entity, e.g. Employee for document Wage, then you can open Beigesoft™ EIS in another browser tab and create Employee, then go back and press in picker page (1 for example) to refresh it.

At last, the chart of accounts is:

Chart of accounts

Bob's Pizza

Started capital.

Bob opened his checking account #1236786b17 in the Bank on Jan 10 2016 and deposited 40000USD. He made the first accounting entries from the Menu -> Accounting -> Input entries:

Beigesoft™ EIS started capital

* amount in accounting entries always has maximum decimal places - 2 for price precision.

Book's style entries vs Computer's style ones

Accounting entries above is made with computer's style - two classic symmetric entries are made as a single one:

Debit "Cash In Bank.#1236786b17 in Bank" Credit "Bob's Started Capital" for 40,000.00 USD

Classic accounting book entries are equivalent to above one:

Debit Credit

"Cash In Bank.#1236786b17 in Bank" 40,000.00 USD

"Bob's Started Capital" 40,000.00 USD

Running Beigesoft™ EIS in "protected from light harmful software" mode.

Light harmful software hides inside a regular application (not inside an operating system file), or it is any harmful-script, e.g a script on a HTML page. Light harmful software runs under your regular account, and it can read any file that you can read. On UNIX like OS (Linux, ...) you can run Beigesoft™ EIS under another account in the terminal. To do this:

  1. Open terminal and login as ROOT user - command "su", set current directory to "cd /home".

  2. As ROOT add new user "accountant" with password - commands "useradd -m -U accountant", "passwd accountant" and "chmod o-r /home/accountant"

  3. Add shared folder for file exchange: "mkdir /file-exch" and "chmod o+w /file-exch"

  4. Install file manager Midnight Commandor (mc)

  5. Exit from ROOT - "exit"

  6. Copy beige-accjet-bin.zip into /file-exch by using any file manager

  7. Open terminal and login as accountant - "su -l accountant"

  8. Use file manager Midnight mc to install (unpack) Beigesoft™ EIS

Screenshots:

On Ubuntu Linux and Mac OS account root is disabled, and your regular account is able to invoke sudo command, so do that above (only root part) as:

$ cd /home

$ sudo useradd -m -U accountant

$ sudo passwd accountant

$ sudo chmod o-r /home/accountant

$ sudo mkdir /file-exch

$ sudo chmod o+w /file-exch

To start Beigesoft™ EIS in "command line mode" run in the terminal:

java -jar beige-accjet-jar-with-dependencies.jar cli

As a result you (and possible light harmful software, e.g. if your web-browser has enabled macros on HTML page to read your file system) can't read "accountant" files:

Light harmful software can try to match your password and steal your data by making HTTP requests. But you are protected with a strong password and maximum 5 fail login attempts per session (15 minutes):

you should check the secure.log periodically:

Heavy harmful software poisons your operating system, so it can do anything. OS updates might remove it, but complex harmware can fake "OS updates", so you have the only way to heal your computer - completely reinstall OS by using clean, write-protected installation source (e.g. DVD).