Red Hat CERTIFICATE SYSTEM 8 - AGENTS GUIDE Agents Manual page 21

Accessing Agent Services
can access and use the forms. Operations are performed over SSL, so the server connection uses
HTTPS on the SSL agent port.
The agent services URLs use the following format:
https://hostname:port/subsystem_type/agent/subsystem_type
The hostname can be a fully-qualified domain name, simply the hostname (if it is on an intranet), or an
IPv4 or IPv6 address.
The port is the SSL port number used to access agent services (there are two other SSL ports for
administrative and end user services, as well). The default agent SSL port numbers for the subsystem
are as follows:
• 9443 for the CA
• 10443 for the DRM
• 12889 for the RA
• 11443 for the OCSP
• 7889 for the TPS
The port number may be different if the agent services use a user-defined port set with the -
agent_secure_port when the instance was created with pkicreate.
The subsystem_type type is one of the following:
• ca for the CA
• ra for the RA
• kra for the DRM
• ocsp for the Online Certificate Status Manager
• tps for the TPS
For example, if a CA is installed on a host named server.example.com and is listening on port
9443, the URL to access the agent services interface is https://server.example.com:9443/
ca/agent/ca.
There is also a general services page for each subsystem. The services page has links to the all of the
HTML pages for the subsystem, such as agent and end entities, as well as the administration page
if the subsystem has not yet been configured. The URL for the services page, for this example, is
https://server.example.com:9445/ca/services.
11