Network Configuration
Enter numbers for the ports to be used for various kinds of communications. On
UNIX, you must be
well-known ports, which are used only if they are not already in use. If these
defaults are not available, a randomly chosen port number is given as the default.
For a discussion of port assignments, see "Deployment Strategy and Port
Assignments" on page 180.
•
SSL administration port (HTTPS) (default is 8200)___________
•
SSL agent port (HTTPS) (default is 8100)__________________
•
SSL end-entity port (HTTPS) (default 443)_________________
•
Non-SSL end-entity port (HTTP) (default 80)_______________
Certificate Manager Configuration
This section summarizes information required to configure a Certificate Manager
as a root or subordinate CA.
CA Signing Certificate
When you install the Certificate Manager, you must supply information for the CA
certificate that the Certificate Manager will use to sign the certificates it issues. This
certificate also functions as the Certificate Manager's SSL client certificate.
CA's Serial Number Range
For most CAs, you only need to enter the starting serial number. When you
configure cloned CAs, you must specify upper and lower bounds for the serial
numbers on all CAs and you must make sure the ranges do not overlap.
•
CA's starting serial number _____________________
Enter the lowest serial number available for this CA to assign to certificates it
creates. You can enter the number in decimal or hexadecimal (0xnn). The
default is 0x1.
to assign ports less than 1024. The default values are
root
Certificate Manager Configuration
Chapter 5
Installation Worksheet
193