Product SiteDocumentation Site

Chapter 2. Test Chapter

2.1. Section 1: Port Numbers
2.2. Creating CRL Issuing Points
2.3. Setting Full and Delta CRL Schedules
This chapter is a very good chapter. It has many subsections, lists, and information. For Certificate System, there are several useful things to know: The pkicreate command creates new instances.
The main configuration for an instance is in its CS.cfg file in the /var/lib/instance-name/conf directory.

2.1. Section 1: Port Numbers

The default ports are listed in Table 1, “Default Port Assignments for Certificate System 8.0.”
Subsystem Standard End-Entity Agent SSL Admin SSL Tomcat
CA 9180 9444 9443 9445 9701
Table 2.1. Default Port Assignments for Certificate System 8.0

To change a port number for a CA, RA, DRM, OCSP, or TKS subsystem:
  1. Stop the subsystem instance.
  2. Open the instance's configuration directory.
    cd /var/lib/subsystem_name/conf
  3. Open the server.xml file, and edit the appropriate port numbers.
    For example:
     #Define a non-SSL HTTP/1.1 Connector on port 8080
     <Connector port="9180" maxHttpHeaderSize="8192"
     # Define a SSL HTTP/1.1 Connector on port 8443
     <Connector port="9443" maxHttpHeaderSize="8192"
  4. Restart the subsystem.