2.3. Configuration Preparation

2.3.1. Required Information

When the Certificate System subsystems are configured, some outside information must be available. This includes the following:

  • Login PIN.

    There is a randomly-generated PIN in the preop.pin parameter in the CS.cfg file in the instance conf/ directory. This is used to log into the configuration wizard.

  • Security domain information.

    CAs can create a new security domain, which requires a unique name and a username and password for the CA agent who administers the domain.

    All other subsystems must join an existing security domain. Have the username and password of the CA agent who administers that domain available.

  • CA information.

    If the subsystem is not a CA, then it is necessary to select a CA from a drop-down menu or add an external CA. If a Certificate System CA is selected, then supply the CA agent username and password.

  • Subsystem information.

    When installing a TPS, the CA and TKS subsystems must be installed and configured before installing the TPS; a DRM subsystem must also be installed and configured if server-side key generation is selected. When configuring the TPS, the TKS and DRM to connect with the TPS are selected from a drop-down list of all subsystems within the security domain. The bind information for the selected subsystems must be available.

  • Directory Server hostname and port number.

    The Certificate System uses the user database of the Directory Server to store its information, and the hostname and port number of the LDAP directory are required for the Certificate System to access the database.

  • Directory Manager DN and password.

    The Certificate System must be able to bind to the user database, so a user ID and password must be supplied to bind to the Directory Server. This user is normally the Directory Manager. The default Directory Manager DN is cn=Directory Manager.

  • Certificate and key recovery files.

    If the subsystem being configured is a clone of another subsystem, then the backup files for the master subsystem must be locally accessible.

2.3.2. Default Settings

The ports and file directories in Table 2.16, “Default Subsystem Instance Ports and File Locations” show the default installation and configuration information.

Subsystem   SSL Port   Non-SSL Port   Instance Directory
CA          9443       9080           /var/lib/rhpki-ca
DRM         10443      10080          /var/lib/rhpki-kra
OCSP        11443      11080          /var/lib/rhpki-ocsp
TKS         13443      13080          /var/lib/rhpki-tks
TPS         7889       7888           /var/lib/rhpki-tps

Table 2.16. Default Subsystem Instance Ports and File Locations
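The following script is an added example, not part of the Red Hat documentation or the Certificate System code base. It gathers the pre-configuration checks implied by Section 2.3.1 and Table 2.16 into one place: it reads the preop.pin wizard login PIN from a CS.cfg file, picks out the Directory Server hostname and port and checks that the port accepts a TCP connection, and flags any port in a planned set of subsystem instances that is assigned twice. It assumes CS.cfg is a plain key=value file, one parameter per line, with # comments; the internaldb.ldapconn.host, internaldb.ldapconn.port and internaldb.ldapauth.bindDN keys are assumed names for the LDAP connection settings (only preop.pin is named on this page), and the sample CS.cfg content and PIN value are constructed for the example.

```python
"""Pre-configuration readiness checks for a Certificate System instance.

Added example, not from the Red Hat documentation. Assumes CS.cfg is a
key=value file with '#' comments; the internaldb.* keys are assumed names.
"""
import socket
from typing import Dict, List, Tuple

# Constructed sample of the relevant CS.cfg lines; the PIN value is made up.
SAMPLE_CS_CFG = """\
# Certificate System instance configuration (constructed sample)
preop.pin=Wg3qkr1fVb8Nd2L4
internaldb.ldapconn.host=ldap.example.com
internaldb.ldapconn.port=389
internaldb.ldapauth.bindDN=cn=Directory Manager
"""

# Default ports from Table 2.16: subsystem -> (SSL port, non-SSL port)
DEFAULT_PORTS: Dict[str, Tuple[int, int]] = {
    "CA": (9443, 9080),
    "DRM": (10443, 10080),
    "OCSP": (11443, 11080),
    "TKS": (13443, 13080),
    "TPS": (7889, 7888),
}


def parse_cs_cfg(text: str) -> Dict[str, str]:
    """Parse key=value lines into a dict; blank lines and '#' comments are skipped.
    Only the first '=' splits, so a value containing '=' (a bind DN) survives."""
    cfg: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        cfg[key.strip()] = value.strip()
    return cfg


def preop_pin(cfg: Dict[str, str]) -> str:
    """Return the wizard login PIN, refusing an empty or missing value."""
    pin = cfg.get("preop.pin", "")
    if not pin:
        raise ValueError("preop.pin is missing from CS.cfg; the wizard cannot be entered")
    return pin


def ldap_target(cfg: Dict[str, str]) -> Tuple[str, int]:
    """Hostname and port of the Directory Server the subsystem will bind to
    (assumed key names; 389 is the conventional LDAP default)."""
    host = cfg.get("internaldb.ldapconn.host", "")
    port = int(cfg.get("internaldb.ldapconn.port", "389"))
    return host, port


def find_port_conflicts(ports: Dict[str, Tuple[int, int]]) -> List[Tuple[str, str, int]]:
    """Return (first_subsystem, second_subsystem, port) for every port assigned twice.
    Subsystems co-located on one host with a clashing port fail to start."""
    seen: Dict[int, str] = {}
    conflicts: List[Tuple[str, str, int]] = []
    for name in sorted(ports):
        for port in ports[name]:
            if port in seen:
                conflicts.append((seen[port], name, port))
            else:
                seen[port] = name
    return conflicts


def tcp_reachable(host: str, port: int, timeout: float = 3.0) -> bool:
    """Check whether the Directory Server port accepts a TCP connection."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    cfg = parse_cs_cfg(SAMPLE_CS_CFG)
    print("preop.pin:", preop_pin(cfg))
    host, port = ldap_target(cfg)
    print(f"Directory Server {host}:{port} reachable: {tcp_reachable(host, port)}")
    print("port conflicts in defaults:", find_port_conflicts(DEFAULT_PORTS))
```

Run it against a real instance by replacing SAMPLE_CS_CFG with the contents of the instance's conf/CS.cfg; the port-conflict check is most useful when several subsystems are planned for one host and the Table 2.16 defaults have been changed.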

The following certificates are created by default when any of the following subsystem instances are installed:

  • Certificate Manager

    • CA signing certificate

    • OCSP signing certificate (for the CA's internal OCSP service)

    • SSL server certificate

    • Subsystem certificate

      The subsystem certificate is always issued by the security domain so that domain-level operations that require client authentication are based on this subsystem certificate.

  • DRM

    • Transport certificate

    • Storage certificate

    • SSL server certificate

    • Subsystem certificate

  • OCSP

    • OCSP signing certificate

    • SSL server certificate

    • Subsystem certificate

  • TKS

    • SSL server certificate

    • Subsystem certificate

  • TPS

    • SSL server certificate

    • Subsystem certificate