#!/bin/bash
# BEGIN COPYRIGHT BLOCK
# (C) 2010 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK

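##  Always switch into the directory that holds this script before doing
##  anything else, so that all of its output is written to that directory.
##
##  The path is quoted so a directory name containing spaces or glob
##  characters is not split, and a failed 'cd' aborts the run instead of
##  letting the rest of the script continue from the caller's directory.
##
##  NOTE(review): this script is meant to run as root and writes into this
##  directory -- confirm the directory is writable by root only.

if ! cd -- "$(dirname -- "$0")" ; then
    printf "ERROR:  Unable to change into the directory of '%s'!\n" "$0" >&2
    exit 255
fi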


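##
##  This script MUST be run as root!
##
##  The check below passes when EITHER the real UID or the effective UID
##  is 0; it only aborts when both are non-root.
##
##  NOTE(review): privileged operations depend on the effective UID, so a
##  process with real UID 0 but a non-root effective UID still passes this
##  check -- consider requiring MY_EUID alone to be 0.
##
##  NOTE(review): 'id' is invoked by absolute path, but 'uname' (here) and
##  'pkicreate' (below) are resolved through PATH; since this runs as root,
##  confirm the caller's PATH is trusted.
##

ROOTUID=0

OS=$(uname)
if [ "${OS}" = "Linux" ] ; then
    MY_EUID=$(/usr/bin/id -u)
    MY_UID=$(/usr/bin/id -ur)
    # USERNAME is not referenced again in the visible part of this script.
    USERNAME=$(/usr/bin/id -un)
else
    # Values are passed as printf arguments, never as part of the format
    # string, and diagnostics go to stderr.
    printf "ERROR:  Unsupported operating system '%s'!\n" "${OS}" >&2
    exit 255
fi

if [ "${MY_UID}"  != "${ROOTUID}" ] &&
   [ "${MY_EUID}" != "${ROOTUID}" ] ; then
    # "$0" may contain '%' characters, so it must not be part of the format.
    printf "ERROR:  The '%s' script must be run as root!\n" "$0" >&2
    exit 255
fi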



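##
##  Define DEFAULT PKI Instances
##
##  Six instances are requested in order: pki-ca, pki-kra, pki-ocsp,
##  pki-tks, pki-ra and pki-tps.  Every call passes the same instance root
##  (/var/lib), the same user and group (pkiuser) and redirects 'conf' to
##  /etc/<name> and 'logs' to /var/log/<name>; only the subsystem type and
##  the port options differ.
##
##  All six calls are always attempted.  A failing call is reported on
##  stderr and the script exits with 255 at the end if any call failed
##  (previously only the status of the last call was visible to the caller).
##
##  NOTE(review): all instances share the 'pkiuser' account -- confirm that
##  this is acceptable from a least-privilege point of view.
##  NOTE(review): each instance is given an '-unsecure_port'; presumably a
##  non-TLS listener -- confirm it is needed and how it is exposed.
##

# Names of the instances whose pkicreate call returned non-zero.
failed_instances=()

#######################################
# Run pkicreate for one default instance using the shared settings.
# Globals:   failed_instances (appended to when pkicreate fails)
# Arguments: $1    - instance name (also used in /etc/<name>, /var/log/<name>)
#            $2    - subsystem type
#            $3... - port options, passed to pkicreate unchanged
# Outputs:   an error line on stderr when pkicreate fails
# Returns:   the exit status of pkicreate
#######################################
create_default_instance() {
    local name=$1
    local type=$2
    local status=0
    shift 2

    # Argument order matches the original hand-written invocations:
    # root, name, type, ports, user, group, redirects, verbose.
    pkicreate -pki_instance_root=/var/lib        \
              "-pki_instance_name=${name}"       \
              "-subsystem_type=${type}"          \
              "$@"                               \
              -user=pkiuser                      \
              -group=pkiuser                     \
              -redirect "conf=/etc/${name}"      \
              -redirect "logs=/var/log/${name}"  \
              -verbose || status=$?

    if [ "${status}" -ne 0 ] ; then
        printf "ERROR:  pkicreate failed for instance '%s' (exit status %s)!\n" \
               "${name}" "${status}" >&2
        failed_instances+=("${name}")
    fi

    return "${status}"
}

create_default_instance pki-ca ca                \
          -agent_secure_port=9443                \
          -ee_secure_port=9444                   \
          -ee_secure_client_auth_port=9446       \
          -admin_secure_port=9445                \
          -unsecure_port=9180                    \
          -tomcat_server_port=9701

create_default_instance pki-kra kra              \
          -agent_secure_port=10443               \
          -ee_secure_port=10444                  \
          -admin_secure_port=10445               \
          -unsecure_port=10180                   \
          -tomcat_server_port=10701

create_default_instance pki-ocsp ocsp            \
          -agent_secure_port=11443               \
          -ee_secure_port=11444                  \
          -admin_secure_port=11445               \
          -unsecure_port=11180                   \
          -tomcat_server_port=11701

create_default_instance pki-tks tks              \
          -agent_secure_port=13443               \
          -ee_secure_port=13444                  \
          -admin_secure_port=13445               \
          -unsecure_port=13180                   \
          -tomcat_server_port=13701

create_default_instance pki-ra ra                \
          -secure_port=12889                     \
          -non_clientauth_secure_port=12890      \
          -unsecure_port=12888

create_default_instance pki-tps tps              \
          -secure_port=7889                      \
          -non_clientauth_secure_port=7890       \
          -unsecure_port=7888

# Surface partial failure to the caller instead of reporting only the
# status of the last pkicreate call.
if [ "${#failed_instances[@]}" -gt 0 ] ; then
    printf "ERROR:  %s default PKI instance(s) could not be created: %s\n" \
           "${#failed_instances[@]}" "${failed_instances[*]}" >&2
    exit 255
fi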