[Pki-users] pki-ca-9.0.3-30 setup

Taggart, Michelle mdemansana at philasd.org
Tue Oct 1 11:49:49 UTC 2013 

I believe you'll have to also install a theme.  On the CentOS package, themes are not included.


Thanks,

Michelle T

----- Original Message -----
From: Oleg Antonenko <Oleg.Antonenko at adaptivemobile.com>
To: pki-users at redhat.com
Cc: Jindrich Dolezal <Jindrich.Dolezal at adaptivemobile.com>, Ciaran Bradley <Ciaran.Bradley at adaptivemobile.com>
Sent: Tue, 01 Oct 2013 07:08:38 -0400 (EDT)
Subject: [Pki-users] pki-ca-9.0.3-30 setup

Hello there!
Could you help with the CA setup please?

We installed a new machine with CentOS release 6.4 (Final) and installed the pki-ca-9.0.3-30 package.
The command we used for creation was:

pkicreate -pki_instance_root=/var/lib 
 -pki_instance_name=pki-ca 
 -subsystem_type=ca 
 -agent_secure_port=9443 
 -ee_secure_port=9444 
 -ee_secure_client_auth_port=9446 
 -admin_secure_port=9445 
 -unsecure_port=9180 
 -tomcat_server_port=9701 
 -user=pkiuser 
 -group=pkiuser 
 -redirect conf=/etc/pki-ca 
 -redirect logs=/var/log/pki-ca 
 -verbose

After clicking through the wizard and restarting the service:

status:
[root at jdrhel2 ~]# /sbin/service pki-cad status pki-ca
pki-ca (pid 4988) is running... [ OK ]
 Unsecure Port = http://jdrhel2:9180/ca/ee/ca
 Secure Agent Port = https://jdrhel2:9443/ca/agent/ca
 Secure EE Port = https://jdrhel2:9444/ca/ee/ca
 Secure Admin Port = https://jdrhel2:9445/ca/services
 EE Client Auth Port = https://jdrhel2:9446/ca/eeca/ca
 PKI Console Port = pkiconsole https://jdrhel2:9445/ca
 Tomcat Port = 9701 (for shutdown)

 PKI Instance Name: pki-ca
 PKI Subsystem Type: Root CA (Security Domain)

 Registered PKI Security Domain Information:
==========================================================================
 Name: AMSDomain
 URL: https://jdrhel2:9445
==========================================================================

Everything seems to be running, but when i connect to the adresses above, i can see firefox is verifying server certificate, uses personal certificate, but then the page is empty. 
To be precise, there are just two links leading to empty pages: 
 - link 'SSL End Users Services' pointing at https://jdrhel2:9444/ca/ee/ca and 
 - link 'Agent Services' pointing at https://jdrhel2:9443/ca/agent/ca

Is there anything we did wrong or forgot to configure?

Many thanks,
Oleg







_______________________________________________
Pki-users mailing list
Pki-users at redhat.com
https://www.redhat.com/mailman/listinfo/pki-users

More information about the Pki-users mailing list