Chapter 14. Basic Information for Using Certificate System

Using any Certificate System has basic tasks such as editing the configuration file, starting and stopping the server instance and Console, opening web services, and locating logs. This is explained in more detail in the Certificate System Administrator's Guide.

14.1. Starting the Certificate System Console

The CA, DRM, OCSP, and TKS subsystems have a Java interface which can be accessed to perform administrative functions. For the DRM, OCSP, and TKS, this includes very basic tasks like configuring logging and managing users and groups. For the CA, this includes other configuration settings such as creating certificate profiles and configuring publishing.
The Console is opened by connecting to the subsystem instance over its SSL port using the pkiconsole command. This command has the format:
pkiconsole https://server.example.com:admin_port/subsystem_type
The subsystem_type can be ca, kra, ocsp, or tks. For example, this opens the DRM console:
pkiconsole https://server.example.com:10445/kra
If DNS is properly configured, then an IPv4 or IPv6 address can be used to connect to the console. For example:
https://1.2.3.4:9445/ca
https://[00:00:00:00:123:456:789:00:]:9445/ca