Table of Contents
Advertisement
profile.caDualRA2userCert.config=/var/lib/pki-ca/profiles/ca/caDualRA2userCert.cfg
6. Add a new URI mapping to allow the new RA agent to be registered in the new RA group.
a. Open the CA web applications directory, and edit the web.xml file:
cd /var/lib/pki-ca/webapps/ca/WEB-INF
vi web.xml
b. At about line 288 in the web.xml file is the servlet setting for the first RA's user. Copy the
entire entry, including the opening and closing <servlet> tags, and edit the information to
match the second RA's user. For example:
<servlet>
<servlet-name>
<servlet-class> com.netscape.cms.servlet.csadmin.RegisterUser
<init-param><param-name>
<init-param><param-name>
<init-param><param-name>
<init-param><param-name>
<init-param><param-name>
param>
<init-param><param-name>
<init-param><param-name>
param>
</servlet>
c. At about line 2510 in the web.xml file is the servlet-mapping setting for the first RA's user
mapping. Copy the entire entry, including the opening and closing <servlet-mapping>
tags, and edit the information to match the second RA's user. For example:
<servlet-mapping>
<servlet-name>
<url-pattern>
</servlet-mapping>
7. Restart the CA. For example:
service pki-ca restartt
8. Create the new RA instance using the pkicreate.
pkicreate -pki_instance_root=/var/lib -subsystem_type=ra -pki_instance_name=pki-ra2 -
secure_port=12899 -unsecure_port=12898 -verbose -user=pkiuser -group=pkiuser
9. Open the configuration file for the new RA instance, and edit its parameters to reflect the second
RA instance information.
caRegisterRa2User
</servlet-name>
GetClientCert
<param-value> false
authority
<param-value> ca
ID
<param-value> caRegisterRaUser </param-value> </init-param>
AuthMgr
<param-value> TokenAuth </param-value> </init-param>
GroupName
<param-value> Registration Manager2 Agents </param-value> </init-
AuthzMgr
<param-value> BasicAclAuthz </param-value> </init-param>
resourceID
<param-value> certServer.ca.registerUser </param-value> </init-
caRegisterRa2User </servlet-name>
/admin/ca/registerRa2User
Configuring Separate RA Instances
</servlet-class>
</param-name>
</param-value> </init-param>
</param-name>
</param-value> </init-param>
</param-name>
</param-name>
</param-name>
</param-name>
</param-name>
</url-pattern>
73
Advertisement
Table of Contents
Related Manuals for Red Hat CERTIFICATE SYSTEM 8
Related Products for Red Hat CERTIFICATE SYSTEM 8
- Red Hat CERTIFICATE 7.2 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE
- Red Hat CERTIFICATE SYSTEM 7.1 - ADMINSISTRATOR
- Red Hat CERTIFICATE 7.3 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 8 - AGENTS GUIDE
- Red Hat CERTIFICATE 8.0 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
- Red Hat CERTIFICATE SYSTEM ENTERPRISE - SECURITY GUIDE
- Red Hat CLUSTER SUITE - CONFIGURING AND MANAGING A CLUSTER 2006
- Red Hat CLUSTER MANAGER - INSTALLATION AND
- Red Hat Cluster Suite
- Red Hat Application Server
- Red Hat APPLICATION SERVER - JONAS
- Red Hat APPLICATION STACK 1.1 RELEASE
- Red Hat APPLICATION STACK 1.2 RELEASE
- Red Hat APPLICATION STACK 1.3 RELEASE