Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | |||
tutorial:adm:caw_driver [2022/04/11 12:28] stekld |
tutorial:adm:caw_driver [2022/04/12 08:39] (current) stekld [Example of CAW driver configuration in Appliance] |
||
---|---|---|---|
Line 176: | Line 176: | ||
[root@ca ca]# openssl rand -hex 16 > serial | [root@ca ca]# openssl rand -hex 16 > serial | ||
</ | </ | ||
- | - It is also necessary to merge customerCa.conf file with the caw configuration file ca_openssl.cnf and caw_settings.source. | + | - It is also necessary to merge customerCa.conf file with the caw configuration file ca_openssl.cnf and caw_settings.source. The ca_openssl.cnf and caw_settings.source contains preconfigured CA. Follow the comments in the files and edit files by customerCa.conf. |
- Set a correct permision and owner. .< | - Set a correct permision and owner. .< | ||
[root@ca czechidm]# chown -Rf 999:998 cert-authority/ | [root@ca czechidm]# chown -Rf 999:998 cert-authority/ | ||
Line 206: | Line 206: | ||
[Install] | [Install] | ||
WantedBy=multi-user.target | WantedBy=multi-user.target | ||
+ | </ | ||
+ | -Enable new service and timer:< | ||
+ | [root@ca czechidm]# systemctl enable iam-crl-refresh.service iam-crl-refresh.timer | ||
</ | </ | ||
-The crl has to be available via a web proxy. First, you must mount the file in the Web Proxy container. to file / | -The crl has to be available via a web proxy. First, you must mount the file in the Web Proxy container. to file / |