Red Hat CERTIFICATE SYSTEM 7.2 - ADMINISTRATION Administration Manual page 75

Hide thumbs Also See for CERTIFICATE SYSTEM 7.2 - ADMINISTRATION:
Table of Contents

Advertisement

The options are slightly different between the subsystems; all subsystems except for the CA
subsystem require extra options specifying the Certificate Manager to which to submit the certificate
requests.
Example 2.1, "Silent Installation of a CA"
perl pkisilent ConfigureCA -cs_hostname localhost
-client_certdb_dir /tmp/ -client_certdb_pwd redhat
-preop_pin sYY8er834FG9793fsef7et5 -domain_name "testca" -admin_user admin
-admin_email "admin@redhat.com" -admin_password redhat
-agent_name "rhpki-ca2 agent" -agent_key_size 2048 -agent_key_type rsa
-agent_cert_subject "ca agent cert" -ldap_host server -ldap_port 389
-bind_dn "cn=directory manager" -bind_password redhat
-base_dn "o=rhpki-ca2" -db_name "rhpki-ca2" -key_size 2048 -key_type rsa
-save_p12 true -backup_pwd redhat
Example 2.1. Silent Installation of a CA
Example 2.2, "Silent Installation of a TKS"
this script has extra options to point to the CA server:
perl pkisilent ConfigureTKS -cs_hostname localhost
-ca_hostname server.example.com -ca_port 9080 -ca_ssl_port 9443
-ca_agent_name agent -ca_agent_password redhat
-client_certdb_dir /tmp/ -client_certdb_pwd redhat
-preop_pin fS44I6SASGF34FD76WKJHIW4 -domain_name "testca" -admin_user admin
-admin_email "admin@redhat.com" -admin_password redhat
-agent_name "rhpki-tks2 agent" -ldap_host server -ldap_port 389
-bind_dn "cn=directory manager" -bind_password redhat -base_dn "o=rhpki-tks2"
-db_name "rhpki-tks2" -key_size 2048 -key_type rsa -agent_key_size 2048
-agent_key_type rsa
-agent_cert_subject "tks agent cert" -backup_pwd redhat
Example 2.2. Silent Installation of a TKS
NOTE
The ConfigureCA can be used to create a security domain or to add the CA to an
existing domain; the other scripts only add the subsystem to an existing security domain.
perl pkisilent ConfigureTPS -cs_hostname localhost
-ca_hostname server.example.com -ca_port 9080 -ca_ssl_port 9443
-ca_agent_name agent -ca_agent_password redhat
-client_certdb_dir /tmp/ -client_certdb_pwd redhat
-preop_pin fS44I6SASGF34FD76WKJHIW4 -domain_name "testca" -admin_user admin
-admin_email "admin@redhat.com" -admin_password redhat
-agent_name "rhpki-tks2 agent" -ldap_host server -ldap_port 389
-bind_dn "cn=directory manager" -bind_password redhat -base_dn "o=rhpki-tps2"
-db_name "rhpki-tks2" -key_size 2048 -key_type rsa -agent_key_size 2048
-agent_key_type rsa -agent_cert_subject "tps agent cert" -ldap_auth_host server
-ldap_auth_port 389 -ldap_auth_base_dn "o=TPS DB,dc=example,dc=com"
Example 2.3. Silent Installation of a TPS
For more information on using this tool, see the Certificate System Command-Line Tools Guide.
shows a silent installation script to install a CA subsystem:
-cs_port 9543
shows a silent installation script to install a TKS subsystem;
-cs_port 13543
-cs_port 7988
Silent Installation
55

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the CERTIFICATE SYSTEM 7.2 - ADMINISTRATION and is the answer not in the manual?

Questions and answers

Table of Contents