[Pki-devel] The Why's of PKI

Andrew Wnuk awnuk at redhat.com
Wed Sep 14 20:55:49 UTC 2011


On 09/14/2011 01:52 PM, Chandrasekar Kannan wrote:
> On 09/14/2011 01:44 PM, Adam Young wrote:
>>
>>>>
>>>> Is using different ports for CA and DRM (an so forth)  merely an 
>>>> artifact of using multiple servers, or is there an additional  
>>>> reason to do so?
>>>
>>> Pkicreate tool allows selecting any ports.  Pkicreate also suggests 
>>> ports for out of the box ease of use.
>>
>> There must be more to the story than this.  I tried running pkicreate 
>> with two of the subsystems using the same port
>>
>>
>> -agent_secure_port=8443 -ee_secure_port=8443
>>
>> And when it runs I get the error
>>
>> [error] Invalid port numbers submitted!
>>
>>
>> Is there some reason that these cannot be the same port, or is it 
>> just convention.  Does the agent use some protocol other than HTTP?  
>> I get this error is I try to use the same port for any two 
>> *_secure_port  values.
>
> one is for regular ssl. other is for ssl with "client auth".
>
> - Chandra
>

Adam can also check docs for more details:
http://docs.redhat.com/docs/en-US/Red_Hat_Certificate_System/8.1/html/Command-Line_Tools_Guide/Create_and_Remove_Instance_Tools.html#Create_and_Remove_Instance_Tools-pkicreate

>
>>
>>
>>
>> _______________________________________________
>> Pki-devel mailing list
>> Pki-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/pki-devel
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel




More information about the Pki-devel mailing list