Red Hat CERTIFICATE SYSTEM 7.2 - ADMINISTRATION Administration Manual page 69
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.2 - ADMINISTRATION:
- Manual (240 pages) ,
- Reference manual (337 pages) ,
- Release note (24 pages)
Table of Contents
Advertisement
http://server.example.com:9080/ca/admin/console/config/login?pin=kI7E1MByNIUcPJ6RKHmH
Using this URL skips the login screen.
Alternatively, log into the setup wizard through admin link on the services page and supply the
preop.pin value from the CS.cfg file when prompted.
http://server.example.com:9080/ca/services
2. Create a new security domain.
The default CA instance must create a new security domain; subsequent CAs can create a new
domain or join an existing security domain.
3. Enter a name for the new instance.
4. Set up the PKI hierarchy. It is recommended that the first CA be a root, or self-signed, CA,
meaning that it signs its own CA signing certificate rather than submitting its certificates to a third-
party CA for issuance. Subsequent CAs can be subordinate CAs.
5. Fill in the Directory Server hostname, port, bind DN, and bind password.
6. Select the key store token; a list of detected hardware tokens and databases is given.
To determine whether a token is detected by the Certificate System, use the TokenInfo tool. For
more information on this tool, see the Certificate System Command-Line Tools Guide.
7. Set the key size. The default RSA key size is 2048.
8. Optionally, give subject names for the certificates.
9. The next panels generate and show certificate requests, certificates, and key pairs.
If an external CA is used to issue the certificates, configuration cannot go forward until they are
received from the external CA. When they are issued, paste the certificates into this panel to
add them to the CA database, and then proceed with the installation. Click Apply to view the
certificates as they are imported.
10. If the subsystem will ever be cloned, or as a protection if keys or certificates are ever lost, back up
the keys and certificates when prompted.
11. Give the information for the new subsystem administrator.
12. Click Next through the remaining panels to import the agent certificate into the browser and
complete the configuration.
13. When the configuration is complete, restart the subsystem.
/etc/init.d/rhpki-ca restart
Configuring a CA
49
Advertisement
Table of Contents
Related Manuals for Red Hat CERTIFICATE SYSTEM 7.2 - ADMINISTRATION
Related Products for Red Hat CERTIFICATE SYSTEM 7.2 - ADMINISTRATION
- Red Hat CERTIFICATE 7.2 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 7.1 - ADMINSISTRATOR
- Red Hat CERTIFICATE 7.3 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 8 - DEPLOYMENT
- Red Hat CERTIFICATE SYSTEM 8 - AGENTS GUIDE
- Red Hat CERTIFICATE 8.0 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
- Red Hat CERTIFICATE SYSTEM ENTERPRISE - SECURITY GUIDE
- Red Hat CLUSTER SUITE - CONFIGURING AND MANAGING A CLUSTER 2006
- Red Hat CLUSTER MANAGER - INSTALLATION AND
- Red Hat Cluster Suite
- Red Hat Application Server
- Red Hat APPLICATION SERVER - JONAS
- Red Hat APPLICATION STACK 1.1 RELEASE
- Red Hat APPLICATION STACK 1.2 RELEASE
- Red Hat APPLICATION STACK 1.3 RELEASE