Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

8.2. Configuring Publishing to a File


The general process to configure publishing involves setting up a publisher to publish the certificates or CRLs to the specific location. There can be a single publisher or multiple publishers, depending on how many locations will be used. The locations can be split by certificates and CRLs or finer definitions, such as certificate type. Rules determine which type to publish and to what location by being associated with the publisher.
Publishing to file simply publishes the CRLs or certificates to text files on a given host.
Publishers must be created and configured for each publishing location; publishers are not automatically created for publishing to a file. To publish all files to a single location, create one publisher. To publish to different locations, create a publisher for each location. A location can either contain an object type, like user certificates, or a subset of an object type, like West Coast user certificates.
To create publishers for publishing to files:
  1. Log into the Certificate Manager Console.
    pkiconsole https://server.example.com:8443/ca
    Copy to Clipboard Toggle word wrap
  2. In the Configuration tab, select Certificate Manager from the navigation tree on the left. Select Publishing, and then Publishers.
    The Publishers Management tab, which lists configured publisher instances, opens on the right.
  3. Click Add to open the Select Publisher Plug-in Implementation window, which lists registered publisher modules.
  4. Select the FileBasedPublisher module, then open the editor window.
    This is the module that enables the Certificate Manager to publish certificates and CRLs to files.
  5. Configure the information for publishing the certificate:
    • The publisher ID, an alphanumeric string with no spaces like PublishCertsToFile
    • The path to the directory in which the Certificate Manager should publish the files. The path can be an absolute path or can be relative to the Certificate System instance directory. For example, /export/CS/certificates.
    • The file type to publish, by selecting the checkboxes for DER-encoded files, base-64 encoded files, or both.
    • For CRLs, the format of the timestamp. Published certificates include serial numbers in their file names, while CRLs use timestamps.
    • For CRLs, whether to generate a link in the file to go to the latest CRL. If enabled, the link assumes that the name of the CRL issuing point to use with the extension will be supplied in the crlLinkExt field.
    • For CRLs, whether to compress (zip) CRLs and the compression level to use.
After configuring the publisher, configure the rules for the published certificates and CRLs, as described in Section 8.5, “Creating Rules”.
Nach oben
Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2025 Red Hat