Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
tutorial:adm:caw_driver [2022/04/11 12:28] stekld |
tutorial:adm:caw_driver [2022/04/12 08:39] (current) stekld [Example of CAW driver configuration in Appliance] |
||
|---|---|---|---|
| Line 176: | Line 176: | ||
| [root@ca ca]# openssl rand -hex 16 > serial | [root@ca ca]# openssl rand -hex 16 > serial | ||
| </ | </ | ||
| - | - It is also necessary to merge customerCa.conf file with the caw configuration file ca_openssl.cnf and caw_settings.source. | + | - It is also necessary to merge customerCa.conf file with the caw configuration file ca_openssl.cnf and caw_settings.source. The ca_openssl.cnf and caw_settings.source contains preconfigured CA. Follow the comments in the files and edit files by customerCa.conf. |
| - Set a correct permision and owner. .< | - Set a correct permision and owner. .< | ||
| [root@ca czechidm]# chown -Rf 999:998 cert-authority/ | [root@ca czechidm]# chown -Rf 999:998 cert-authority/ | ||
| Line 206: | Line 206: | ||
| [Install] | [Install] | ||
| WantedBy=multi-user.target | WantedBy=multi-user.target | ||
| + | </ | ||
| + | -Enable new service and timer:< | ||
| + | [root@ca czechidm]# systemctl enable iam-crl-refresh.service iam-crl-refresh.timer | ||
| </ | </ | ||
| -The crl has to be available via a web proxy. First, you must mount the file in the Web Proxy container. to file / | -The crl has to be available via a web proxy. First, you must mount the file in the Web Proxy container. to file / | ||