The ports and file directories in Table 3.16, “Default Subsystem Instance Ports and File Locations” show the default installation and configuration information.
| Susbsystem | SSL Port | Non-SSL Port | Instance Directory |
|---|---|---|---|
| CA | 9443 | 9080 | /var/lib/rhpki-ca |
| DRM | 10443 | 10080 | /var/lib/rhpki-kra |
| OCSP | 11443 | 11080 | /var/lib/rhpki-ocsp |
| TKS | 13443 | 13080 | /var/lib/rhpki-tks |
| TPS | 7889 | 7888 | /var/lib/rhpki-tps |
The following certificates are created by default when any of the following subsystem instances are installed:
Certificate Manager
CA signing certificate
OCSP signing certificate (for the CA's internal OCSP service)
SSL server certificate
Subsystem certificate
The subsystem certificate is always issued by the security domain so that domain-level operations that require client authentication are based on this subsystem certificate.
DRM
Transport certificate
Storage certificate
SSL server certificate
Subsystem certificate
OCSP
OCSP signing certificate
SSL server certificate
Subsystem certificate
TKS
SSL server certificate
Subsystem certificate
TPS
SSL server certificate
Subsystem certificate