#!/bin/bash # BEGIN COPYRIGHT BLOCK # (C) 2010 Red Hat, Inc. # All rights reserved. # END COPYRIGHT BLOCK ## Always switch into this base directory ## prior to script execution so that all ## of its output is written to this directory cd `dirname $0` ## ## This script MUST be run as root! ## ROOTUID=0 OS=`uname` if [ "${OS}" = "Linux" ] ; then MY_EUID=`/usr/bin/id -u` MY_UID=`/usr/bin/id -ur` USERNAME=`/usr/bin/id -un` else printf "ERROR: Unsupported operating system '${OS}'!\n" exit 255 fi if [ "${MY_UID}" != "${ROOTUID}" ] && [ "${MY_EUID}" != "${ROOTUID}" ] ; then printf "ERROR: The '$0' script must be run as root!\n" exit 255 fi ## ## Define DEFAULT PKI Instances ## pkicreate -pki_instance_root=/var/lib \ -pki_instance_name=pki-ca \ -subsystem_type=ca \ -agent_secure_port=9443 \ -ee_secure_port=9444 \ -ee_secure_client_auth_port=9446 \ -admin_secure_port=9445 \ -unsecure_port=9180 \ -tomcat_server_port=9701 \ -user=pkiuser \ -group=pkiuser \ -redirect conf=/etc/pki-ca \ -redirect logs=/var/log/pki-ca \ -verbose pkicreate -pki_instance_root=/var/lib \ -pki_instance_name=pki-kra \ -subsystem_type=kra \ -agent_secure_port=10443 \ -ee_secure_port=10444 \ -admin_secure_port=10445 \ -unsecure_port=10180 \ -tomcat_server_port=10701 \ -user=pkiuser \ -group=pkiuser \ -redirect conf=/etc/pki-kra \ -redirect logs=/var/log/pki-kra \ -verbose pkicreate -pki_instance_root=/var/lib \ -pki_instance_name=pki-ocsp \ -subsystem_type=ocsp \ -agent_secure_port=11443 \ -ee_secure_port=11444 \ -admin_secure_port=11445 \ -unsecure_port=11180 \ -tomcat_server_port=11701 \ -user=pkiuser \ -group=pkiuser \ -redirect conf=/etc/pki-ocsp \ -redirect logs=/var/log/pki-ocsp \ -verbose pkicreate -pki_instance_root=/var/lib \ -pki_instance_name=pki-tks \ -subsystem_type=tks \ -agent_secure_port=13443 \ -ee_secure_port=13444 \ -admin_secure_port=13445 \ -unsecure_port=13180 \ -tomcat_server_port=13701 \ -user=pkiuser \ -group=pkiuser \ -redirect conf=/etc/pki-tks \ -redirect logs=/var/log/pki-tks \ -verbose pkicreate -pki_instance_root=/var/lib \ -pki_instance_name=pki-ra \ -subsystem_type=ra \ -secure_port=12889 \ -non_clientauth_secure_port=12890 \ -unsecure_port=12888 \ -user=pkiuser \ -group=pkiuser \ -redirect conf=/etc/pki-ra \ -redirect logs=/var/log/pki-ra \ -verbose pkicreate -pki_instance_root=/var/lib \ -pki_instance_name=pki-tps \ -subsystem_type=tps \ -secure_port=7889 \ -non_clientauth_secure_port=7890 \ -unsecure_port=7888 \ -user=pkiuser \ -group=pkiuser \ -redirect conf=/etc/pki-tps \ -redirect logs=/var/log/pki-tps \ -verbose