Installing OpenXPKI CA
- Connect the machine using PuTTY or another client.From the client, run thesudo su -command to go to the root user.Enter the root password.Innano /etc/apt/sources.list, change the source for installing the updates.Update the file. For example:# # deb cdrom:[Debian GNU/Linux 8.11.1 _Jessie_ - Official amd64 CD Binary-1 20190211-02:10]/ jessie local main # deb cdrom:[Debian GNU/Linux 8.11.1 _Jessie_ - Official amd64 CD Binary-1 20190211-02:10]/ jessie local main deb http://security.debian.org/ jessie/updates main deb-src http://security.debian.org/ jessie/updates main # jessie-updates, previously known as 'volatile' # A network mirror was not selected during install. The following entries # are provided as examples, but you should amend them as appropriate # for your mirror of choice. # deb http://ftp.debian.org/debian/jessie-updates main deb-src http://ftp.debian.org/debian/jessie-updates main deb http://ftp.us.debian.org/debian/jessie mainSave the file.Run the following commands:
- apt-get update
- apt-get upgrade
Update the CA certificate lists in the server usingapt-get install ca-certificates.Installen_US.utf8 localeusingdpkg-reconfigure locales.Select theen_US.UTF-8 UTF-8locale, and then make it the default locale for the system.Use the Tab and spacebar keys for selecting and navigating the menu.Check the locales that you have generated usinglocale –a.Sample outputC C.UTF-8 en_IN en_IN.utf8 en_US.utf8 POSIXCopy the fingerprint of the OpenXPKI package usingnano /home/Release.key. For this instance, copy the key in/home.Type9B156AD0 F0E6A6C7 86FABE7A D8363C4E 1611A2BE 2B251336 01D1CDB4 6C24BEF3as the value.Run the following command:gpg --print-md sha256 /home/Release.keyAdd the package using thewget https://packages.openxpki.org/v2/debian/Release.key -O - | apt-key add -command.Add the repository to your source list (jessie) usingecho "deb http://packages.openxpki.org/v2/debian/jessie release" > /etc/apt/sources.list.d/openxpki.list, and thenaptitude update.Install MySQL and Perl MySQL binding usingaptitude install mysql-server libdbd-mysql-perl.Install apache2.2-common usingaptitude install apache2.2-common.Innano /etc/apt/sources.list, install the fastcgi module to speed up the user interface.We recommend usingmod_fcgid.Add thedeb http://http.us.debian.org/debian/jessie mainline in the file, and then save it.Run the following commands:apt-get updateaptitude install libapache2-mod-fcgidEnable the fastcgi module usinga2enmod fcgid.Install the OpenXPKI core package usingaptitude install libopenxpki-perl openxpki-cgi-session-driver openxpki-i18n.Restart the Apache® server usingservice apache2 restart.Check whether the installation is successful usingopenxpkiadm version.If the installation is successful, then the system shows the version of the installed OpenXPKI. For example,Version (core): 2.5.5.Create the empty database, and then assign the database user usingmysql -u root –p.- This command must be typed in the client. Otherwise, you cannot enter the password.
- Type the password for the MySQL. For this instance,rootis the MySQL user.
- openxpkiis the user on which OpenXPKI is installed.
CREATE DATABASE openxpki CHARSET utf8; CREATE USER 'openxpki'@'localhost' IDENTIFIED BY 'openxpki'; GRANT ALL ON openxpki.* TO 'openxpki'@'localhost'; flush privileges;If the MySQL service is not running, then run/etc/init.d/mysql startto start the service.Typequitto exit from MySQL.Store the used credentials in/etc/openxpki/config.d/system/database.yaml.Sample file contentdebug: 0 type: MySQL name: openxpki host: localhost port: 3306 user: openxpki passwd: openxpkiChangeuserandpasswdto match the MySQL user name and password.Save the file.For empty database schema, runzcat /usr/share/doc/libopenxpki-perl/examples/schema-mysql.sql.gz | \mysql -u root --password --database openxpkifrom the provided schema file.Enter the password for the database.