From Fedora Project Wiki

Revision as of 19:10, 8 December 2011 by Kashyapc (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Description

Dogtag Certificate System setup and configuration


How to test

  1. First, prerequisites, Java OpenJDK, 389-ds-base needs to be installed.And configure the basic DS instance using setup-ds.pl(accept all defaults)
    $ yum install java-1.6.0-openjdk
    $ yum install 389-ds-base
    $ /usr/sbin/setup-ds.pl
  2. Next,is to install all main dogtag PKI packages
    yum install pki-ca pki-ra pki-kra pki-ocsp pki-tks pki-tps pki-console --enablerepo=updates-testing
  3. Next, Once installed, create instances for each subsystem using the /usr/bin/pkicreate command(see pkicreate --help for more). The below is an example of creating an instance of CA(Certificate Authority) subsystem 
    

    =======================================================
    

    pkicreate -pki_instance_root=/var/lib        \
    

    -pki_instance_name=pki-ca          \
    

    -subsystem_type=ca                 \
    

    -agent_secure_port=9443            \
    

    -ee_secure_port=9444               \
    

    -admin_secure_port=9445            \
    

    -unsecure_port=9180                \
    

    -tomcat_server_port=9701           \
    

    -user=pkiuser                      \
    

    -group=pkiuser                     \
    

    -redirect conf=/etc/pki-ca         \
    

    -redirect logs=/var/log/pki-ca     \
    

    -verbose
    

    ========================================================
    4. 

  4. Once the instance creation is finished from step-1, go through configuration wizard for CA and finish installation (or use the pkisilent script to silently configure. see 'pki-silent' package and it's template file '/usr/share/pki/silent/pki_silent.template' )


Silent script for CA: 
Note-replace the  -bind_password appropriately from your step-1



http://kashyapc.fedorapeople.org/dogtag-pki/pkisilent-scripts/ca-silent.bash 



  • Now, try to Configure the  rest of the subsystems(RA,OCSP,KRA,TKS,TPS) by creating instances using 'pkicreate' (again see 'pkicreate' syntax for help)



Expected Results


The following must be true to consider this a successful test run. Be brief ... but explicit. 



  1. Step #1 completes without error
    2. 

  2. Step #2 completes without error
    3. 

  3. Step #3 CA Instance gets created successfully
    4. 

  4. Step #4 CA instance should be configured fine(and respectively other subsystems)














Retrieved from "https://fedoraproject.org/w/index.php?title=QA:Testcase_Dogtag_Certificate_System_Configure&oldid=263018"