Install and configure ImageMagick to work with Experience Manager Assets

Last update: May 3, 2023

CREATED FOR:

  • Admin
CAUTION
AEM 6.4 has reached the end of extended support and this documentation is no longer updated. For further details, see our technical support periods. Find the supported versions here.

ImageMagick is a software plug-in to create, edit, compose, or convert bitmap images. It can read and write images in various formats (over 200) including PNG, JPEG, JPEG-2000, GIF, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear, and transform images. You can also adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses, and curves using ImageMagick.

Use the Adobe Experience Manager media handler from the command line to process images through ImageMagick. To work with various file formats using ImageMagick, see Assets file formats best practices. To know about all supported file formats, see Assets supported formats.

To process large files using ImageMagick, consider higher than usual memory requirements, potential changes required to IM policies, and the overall impact on the performance. The memory requirements are dependent on various factors like resolution, bit depth, color profile, and file format. If you intend to process very large files using ImageMagick, properly benchmark the Experience Manager server. Some helpful resources are provided at the end.

NOTE
If you are using Experience Manager on Adobe Managed Services (AMS), reach out to Adobe Customer Support if you plan to process lots of large PSD or PSB files. Experience Manager may not process very high-resolution PSB files that are more than 30000 x 23000 pixels.

Install ImageMagick

Multiple versions of ImageMagic installation files are available for various operating systems. Use the appropriate version for your operating system.

  1. Download the appropriate ImageMagick installation files for your operating system.

  2. To install ImageMagick on the disk hosting the Experience Manager server, launch the installation file.

  3. Set the path Environment variable to the ImageMagic installation directory.

  4. To check whether the installation was successful, execute the identify -version command.

Set up the command line process step

You can set up the command line process step for your particular use case. Perform these steps to generate a flipped image and thumbnails (140x100, 48x48, 319x319, and 1280x1280) each time you add a JPEG image file to /content/dam on the Experience Manager server:

  1. On the Experience Manager server, go to the Workflow console (https://[aem_server]:[Port]/workflow) and open the DAM Update Asset workflow model.

  2. From the DAM Update Asset workflow model, open the EPS thumbnails (powered by ImageMagick) step.

  3. In the Arguments tab, add image/jpeg to the Mime Types list.

    mime_types_jpeg

  4. In the Commands box, enter the following command:

    convert ./${filename} -flip ./${basename}.flipped.jpg

  5. Select the Delete Generated Rendition and Generate Web Rendition flags.

    select_flags

  6. In the Web Enabled Image tab, specify the details for the rendition with dimensions 1280x1280 pixels. In addition, specify i mage/jpeg in the Mimetype box.

    web_enabled_image

  7. Tap/click OK to save the changes.

    NOTE
    The convert command may not run with certain Windows versions (for example Windows SE), because it conflicts with the native convert utility that is part of Windows installation. In this case, mention the complete path for the ImageMagick utility. For example, specify,
    "C:\Program Files\ImageMagick-6.8.9-Q16\convert.exe" -define jpeg:size=319x319 ./${filename} -thumbnail 319x319 cq5dam.thumbnail.319.319.png

  8. Open the Process Thumbnails step, and add the MIME type image/jpeg under Skip Mime Types.

    skip_mime_types

  9. In the Web Enabled Image tab, add the MIME type image/jpeg under the Skip List. Tap/click OK to save the changes.

    web_enabled

  10. Save the workflow.

  11. To check whether ImageMagic is able to process images properly, upload a JPG image to Assets. Verify whether a flipped image and the renditions are generated for it.

Mitigate security vulnerabilities

There are multiple security vulnerabilities associated with using ImageMagick to process images. For example, processing user-submitted images involves the risk of remote code execution (RCE).

In addition, various image-processing plug-ins depend on the ImageMagick library, including but not limited to PHP’s imagick, Ruby’s rmagick and paperclip, and Node.js’s imagemagick.

If you use ImageMagick or an affected library, Adobe recommends that you mitigate the known vulnerabilities by performing at least one of the following tasks (but preferably both):

  1. Verify that all image files begin with the expected “magic bytes” corresponding to the image file types you support before sending them to ImageMagick for processing.
  2. Use a policy file to disable the vulnerable ImageMagick coders. The global policy for ImageMagick is found at /etc/ImageMagick.
Related Articles
Previous page
Next page

Experience Manager


The Perfect Blend: A New Era of Collaboration with AEM and Workfront

Adobe Customer Success Webinars

Wednesday, Apr 2, 5:00 PM UTC

Explore how Adobe Experience Manager and Workfront integrate to help teams move from ideation to delivery without the usual bottlenecks, ensuring content is organized, on-brand, and ready to go live faster.

Register

Connect with Experience League at Summit!

Get front-row access to top sessions, hands-on activities, and networking—wherever you are!

Learn more

Register now