14.5.7. Shared Certificate System Subsystem File Locations

There are some directories used by or common to all Certificate System subsystem instances for general server operations, listed in Table 14.9, “Subsystem File Locations”.

Table 14.9. Subsystem File Locations

Directory Location Contents
/var/lib/instance_name Contains the main instance directory, which is the location for user-specific default and customized configuration files, profiles, certificate databases, web files, and other files for the subsystem instance.
/usr/share/java/pki Contains Java archive files shared by the Certificate System subsystems. Along with shared files for all subsystems, there are subsystem-specific files in subfolders:
pki/ca/ (CA)
pki/kra/ (DRM)
pki/ocsp/ (OCSP)
pki/tks/ (TKS)
Not used by the RA or TPS subsystems.
/usr/share/pki Contains common files and templates used to create Certificate System instances. Along with shared files for all subsystems, there are subsystem-specific files in subfolders:
pki/ca/ (CA)
pki/kra/ (DRM)
pki/ocsp/ (OCSP)
pki/ra/ (RA)
pki/tks/ (TKS)
pki/tps (TPS)
/usr/bin Contains the pkicreate and pkiremove instance configuration scripts and tools (Java, native, and security) shared by the Certificate System subsystems.
/var/lib/tomcat5/common/lib Contains Java archive files shared by local Tomcat web applications and shared by the Certificate System subsystems. Not used by the TPS or RA subsystems.
/var/lib/tomcat5/server/lib Contains Java archive files used by the local Tomcat web server and shared by the Certificate System subsystems. Not used by the TPS or RA subsystems.
/usr/lib/httpd/modules
/usr/lib64/httpd/modules
Contains Apache modules shared by TPS and RA subsystems. Not used by the CA, DRM, OCSP, or TKS subsystems.
/usr/lib/mozldap
/usr/lib64/mozldap
Mozilla LDAP SDK tools shared by TPS and RA subsystems. Not used by the CA, DRM, OCSP, or TKS subsystems.