Skip to content

Configuring ACME with PostgreSQL Realm

Endi S. Dewata edited this page Dec 6, 2024 · 1 revision

Overview

This document describes the process to configure ACME responder to use a PostgreSQL realm.

Initializing PostgreSQL Realm

First, prepare a database (e.g. acme) and a user (e.g. acme) to access the database. Verify the database connection with the following command:

$ psql -h $HOSTNAME -d acme -U acme

Next, install PostgreSQL JDBC driver in /usr/share/pki/server/common/lib, for example:

$ dnf install postgresql-jdbc
$ ln -s /usr/share/java/postgresql-jdbc/postgresql.jar /usr/share/pki/server/common/lib

Configuring ACME Realm

A sample PostgreSQL realm configuration is available at /usr/share/pki/acme/realm/postgresql/realm.conf.

To use the PostgreSQL realm, copy the sample realm.conf into the /var/lib/pki/pki-tomcat/conf/acme folder, or execute the following command to customize some of the parameters:

$ pki-server acme-realm-mod --type postgresql \
    -Dpassword=Secret.123

The realm.conf should look like the following:

class=org.dogtagpki.acme.realm.PostgreSQLRealm
url=jdbc:postgresql://<hostname>:5432/acme
user=acme
password=Secret.123

See Also

Clone this wiki locally