Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION Administration Manual page 223

Parameter
failover.pod.enable
Table 8.1. Logging
Parameter
conn.can.hostport
conn.can.clientNickname
conn.can.servlet.enrollment
conn.ca1.servlet.revoke
conn.ca1.servlet.unrevoke
conn.can.retryConnect
conn.can.timeout
TPS Configuration Parameters
Description
• 0 - No logging.
• 4 - LL_PER_SERVER. Messages that happen
only during startup or shutdown.
• 6 - LL_PER_CONNECTION. Messages that
happen per connection.
• 8 - LL_PER_PDU. Messages that happen for
every transaction.
• 9 - LL_ALL_DATA_IN_PDU. Dumps all data in
the PDU.
• 10 - All logging.
Specifies whether to use a pod-type failover
mechanism. The valid values are true|
false. If there are two CA connections, two
TKS connections, and two DRM connections
configured from the TPS, when pod-type failover
is enabled, if the TPS fails to connect to the first
CA, for the next enrollment it will use the second
pod, meaning it will connect to the second CA,
DRM, and TKS host and port.
Description
The Certificate Authority hostname and port
number. The format is hostname:port. This
should be the CA's end-entity SSL port.
The client certificate nickname. This certificate
is used by the TPS when connecting to the CA.
This client certificate should be trusted by the
CA, and the client should be a configured CA
agent.
The servlet that performs profile-based certificate
enrollment. The value must be /ca/ee/ca/
profileSubmitSSLClient.
The servlet that performs certificate revocation;
for example, /ca/subsystem/ca/doRevoke.
The servlet that unrevokes a certificate; for
example, /ca/subsystem/ca/doUnrevoke.
The number of times the TPS tries to reconnect
to the CA if the connection fails. The valid values
are integers. For example, 3.
The number of seconds before the TPS times out
after failing to connect to the CA. For example,
30.
201