此内容没有您所选择的语言版本。

6.3. Firewall Configuration


The following table lists the default ports used by Certificate System subsystems:
Table 6.1. Certificate System Default Ports
Service
Port
Protocol
HTTP
8080
TCP
HTTPS
8443
TCP
Tomcat Management
8005
TCP
When you set up Certificate System using the pkispawn utility, you can customize the port numbers. If you use different ports than the defaults listed above, open them correspondingly in the firewall as described in Section 6.3.1, “Opening the Required Ports in the Firewall”. For further details about ports, see Section 5.5.3, “Planning Ports”.
For ports required to access Directory Server, see corresponding section in Opening required ports in the firewall.

6.3.1. Opening the Required Ports in the Firewall

To enable communication between the clients and Certificate System, open the required ports in your firewall:
  1. Make sure the firewalld service is running.
    # systemctl status firewalld
  2. To start firewalld and configure it to start automatically when the system boots:
    # systemctl start firewalld
    # systemctl enable firewalld
  3. Open the required ports using the firewall-cmd utility. For example, to open the Certificate System default ports in the default firewall zone:
    # firewall-cmd --permanent --add-port={8080/tcp,8443/tcp,8009/tcp,8005/tcp}
    For details on using firewall-cmd to open ports on a system, see the Red Hat Enterprise Linux Security Guide or the firewall-cmd(1) man page.
  4. Reload the firewall configuration to ensure that the change takes place immediately:
    # firewall-cmd --reload
Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.