Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION Administration Manual page 69

NOTE
The DONT_RUN_PKICREATE environment variable can stop the pkicreate script
from running automatically after the subsystems are installed. This allows the default
instances to be installed in user-defined installation directories, instead of the default
locations in /var/lib. It can be preferable to install through the ISO image with this
environment variable set to block the pkicreate script for deployments where the
default instances must be installed in custom locations.
The following options are available for subsystem:
• ca installs the Certificate Authority.
• ra installs the Registration Authority.
• drm installs the Data Recovery Manager.
• ocsp installs the Online Certificate Status Protocol Responder.
• tks installs the Token Key System.
• tps installs the Token Processing System.
• esc installs the Enterprise Security Client.
The force option bypasses any confirmation prompts that may otherwise appear during the
installation.
For example, to install the CA and then the DRM, use the following commands:
rhpki-install -pki_subsystem=ca -pki_package_path=/media/cdrom/RedHat/RPMS -force
rhpki-install -pki_subsystem=drm -pki_package_path=/media/cdrom/RedHat/RPMS -force
The rhpki-install script uses the rpm program on Red Hat Enterprise Linux systems and
pkginfo and pkgadd programs on Solaris 9 systems.
4. When the installation process is complete, a URL to access this instance is printed to the screen
with the following format.
Configuration Wizard listening on http://hostname.domainname:unsecure-port/subsystem_type/
admin/console/config/login?pin=pin
For example, a new CA may have the following URL:
http://server.example.com:9080/ca/admin/console/config/login?pin=Yc6EuvuY2OeezKeX7REk
Installing from an ISO Image
47