Setting up Security Domain

Endi S. Dewata edited this page Nov 30, 2023 · 21 revisions

Creating Security Domain Database

$ pki-server sd-create \
    --name EXAMPLE

Adding Subsystem into Security Domain Database

$ pki-server sd-subsystem-add \
    --subsystem CA \
    --hostname pki.example.com \
    --unsecure-port 8080 \
    --secure-port 8443 \
    --domain-manager \
    "CA pki.example.com 8443"

Configuring Security Domain Service

To configure a subsystem (e.g. CA) to provide a security domain service:

$ pki-server ca-config-set securitydomain.select new
$ pki-server ca-config-set securitydomain.name EXAMPLE
$ pki-server ca-config-set securitydomain.host ca.example.com
$ pki-server ca-config-set securitydomain.httpport 8080
$ pki-server ca-config-set securitydomain.httpsadminport 8443
$ pki-server ca-config-set securitydomain.checkIP false
$ pki-server ca-config-set securitydomain.checkinterval 300000
$ pki-server ca-config-set securitydomain.flushinterval 86400000
$ pki-server ca-config-set securitydomain.source ldap

Configuring Security Domain Member

To configure a subsystem (e.g. KRA) to join an existing security domain (e.g. the one provided by the CA):

$ pki-server kra-config-set securitydomain.select existing
$ pki-server kra-config-set securitydomain.name EXAMPLE
$ pki-server kra-config-set securitydomain.host ca.example.com
$ pki-server kra-config-set securitydomain.httpport 8080
$ pki-server kra-config-set securitydomain.httpsadminport 8443
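
A consistency check for the two procedures above, as an added example that is not part of the original page or the project's tooling: it compares the securitydomain.* values set on the service side with those set on the member side. The inline settings are constructed samples; their key=value layout and the function names get_param and sd_check are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample settings, mirroring the values used on this page.
# The key=value layout is an assumption of this example.
SERVICE_CFG='securitydomain.select=new
securitydomain.name=EXAMPLE
securitydomain.host=ca.example.com
securitydomain.httpport=8080
securitydomain.httpsadminport=8443'

MEMBER_CFG='securitydomain.select=existing
securitydomain.name=EXAMPLE
securitydomain.host=ca.example.com
securitydomain.httpport=8080
securitydomain.httpsadminport=8443'

# get_param CONFIG_TEXT KEY: print the value of KEY (last assignment wins),
# or nothing if the key is absent. Keys are matched literally, not as regexes.
get_param() {
    printf '%s\n' "$1" | awk -v k="$2" '
        { sub(/\r$/, "") }
        index($0, k "=") == 1 { v = substr($0, length(k) + 2); found = 1 }
        END { if (found) print v }'
}

# sd_check SERVICE_TEXT MEMBER_TEXT: print one line per problem, return 1 if any.
sd_check() {
    problems=0
    [ "$(get_param "$1" securitydomain.select)" = new ] ||
        { echo "service: securitydomain.select is not 'new'"; problems=1; }
    [ "$(get_param "$2" securitydomain.select)" = existing ] ||
        { echo "member: securitydomain.select is not 'existing'"; problems=1; }
    # The member must point at the same domain name, host and ports as the service.
    for key in name host httpport httpsadminport; do
        s=$(get_param "$1" "securitydomain.$key")
        m=$(get_param "$2" "securitydomain.$key")
        if [ -z "$s" ] || [ -z "$m" ]; then
            echo "securitydomain.$key: missing (service='$s' member='$m')"; problems=1
        elif [ "$s" != "$m" ]; then
            echo "securitydomain.$key: service='$s' member='$m'"; problems=1
        fi
    done
    return "$problems"
}

sd_check "$SERVICE_CFG" "$MEMBER_CFG" && echo "security domain settings agree"
```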
