Questo contenuto non è disponibile nella lingua selezionata.

6.10. Revocation Routing Configuration

To configure revocation routing, you must first define a list of relevant CA connectors and add them to the connector list in the following format:

tps.connCAList=ca1,ca2

Additionally, you must add the CA signing certificate to the TPS nssdb and set up trust:

#cd <TPS instance directory>/alias

#certutil -d . -A -n <CA signing cert nickname> -t “CT,C,C” -i <CA signing cert b64 file name>

Finally, the nickname of the CA signing certificate must be added to the connector using the following option:

tps.connector.ca1.caNickname=caSigningCert cert-pki-tomcat CA

Note

During CA discovery, the TPS may automatically calculate the Authority Key Identifier of the CA and add it to the connector configuration. For example:

tps.connector.ca1.caSKI=i9wOnN0QZLkzkndAB1MKMcjbRP8=

This behavior is expected.

Questo contenuto non è disponibile nella lingua selezionata.

6.10. Revocation Routing Configuration

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Rendiamo l’open source più inclusivo

Informazioni su Red Hat

Red Hat legal and privacy links

Red Hat legal and privacy links