Configuring OpenXPKI CA using default script
  1. guides
  2. en
  3. Administrator's Guide
  4. Managing certificates
  5. Managing certificates using OpenXPKI Certificate Authority through SCEP
  6. Configuring OpenXPKI CA
  7. Configuring OpenXPKI CA using default script

Configuring OpenXPKI CA using default script

The default script configures only the default realm,
ca-one
. The CDP and CRLs are not configured.
  1. Unzip the sample script for installing the certificate using
    gunzip -k /usr/share/doc/libopenxpki-perl/examples/sampleconfig.sh.gz
    .
  2. Run the script using
    bash /usr/share/doc/libopenxpki-perl/examples/sampleconfig.sh
    .
  3. Confirm the setup using
    openxpkiadm alias --realm ca-one
    .
    Sample output
    === functional token ===
scep (scep):
Alias    : scep-1
Identifier: YsBNZ7JYTbx89F_-Z4jn_RPFFWo
NotBefore : 2015-01-30 20:44:40
NotAfter  : 2016-01-30 20:44:40

vault (datasafe):
Alias    : vault-1
Identifier: lZILS1l6Km5aIGS6pA7P7azAJic
NotBefore : 2015-01-30 20:44:40
NotAfter  : 2016-01-30 20:44:40

ca-signer (certsign):
Alias    : ca-signer-1
Identifier: Sw_IY7AdoGUp28F_cFEdhbtI9pE
NotBefore : 2015-01-30 20:44:40
NotAfter  : 2018-01-29 20:44:40

=== root ca ===
current root ca:
Alias     : root-1
Identifier: fVrqJAlpotPaisOAsnxa9cglXCc
NotBefore : 2015-01-30 20:44:39
NotAfter  : 2020-01-30 20:44:39

upcoming root ca:
  not set
  4. Check whether the installation is successful using
    openxpkictl start
    .
    Sample output
    Starting OpenXPKI...
OpenXPKI Server is running and accepting requests.
DONE.
  5. Do the following to access the OpenXPKI server:
    1. From a web browser, type
      http://ipaddress/openxpki/
      .
    2. Log in as
      Operator
      . The default password is
      openxpki
      .
      The Operator login has two preconfigured operator accounts,
      raop
       and
      raop2
      .
  6. Create one certificate request, and then test it.

This site uses cookies for various purposes including enhancing your experience, analytics, and ads. By continuing to browse this site or by clicking "Accept and close", you agree to our use of cookies. For more information, read our Cookies page.