14.3. Starting the Subsystem Automatically

Red Hat Enterprise Linux 5.6 has a tool called chkconfig which manages the automatic startup and shutdown settings for each process on the server. This means that when a system reboots, some services can be automatically restarted. chkconfig also defines startup settings for different run levels of the server. chkconfig is explained more in the Red Hat Enterprise Linux documentation, such as the Deployment Guide.
Certificate System subsystems can be managed by chkconfig, so this tool can set whether to restart subsystems automatically. By default, every Certificate System subsystem instance is turned off at every run level in the system, meaning instances must be started and stopped manually. This can be changed by resetting the configuration in chkconfig to on. For example, this automatically restarts Red Hat Directory Server, Administration Server, and the CA:
/sbin/chkconfig --level 2345 dirsrv-admin on
/sbin/chkconfig --level 2345 dirsrv on
/sbin/chkconfig --level 2345 pki-ca on
Make sure the subsystem is listed with the other services.
chkconfig --list | grep subsystem_name
To remove the subsystem from the start list, simply turn the level to off:
chkconfig --level 35 subsystem_name off
Red Hat Enterprise Linux also has a GUI console that can manage chkconfig settings.
chkconfig Settings

Figure 14.1. chkconfig Settings


The start order of services is extremely important, or the subsystems will not function. The Directory Server and Administration Server instances used by the subsystems must be running before the subsystems can be started, and their web services (Tomcat or Apache) must be running before the subsystems are started or their web services will not function.
The default Certificate System chkconfig settings set a start and stop priority for all of the subsystems and their dependent services so that they start and stop in the proper order, as listed in Table 14.1, “Certificate System Processes and Their chkconfig Start Priority”. Processes with a low number for their start priority are started first, so Directory Server, Administration Server, and Tomcat are started before any of the subsystem instances. Likewise, processes with a low number for their shutdown priority are shut down first, so the subsystem processes are stopped before the processes they depend on are stopped.

Table 14.1. Certificate System Processes and Their chkconfig Start Priority

Server Process Name Start Priority Shutdown Priority
Administration Server dirsrv-admin 21 79
Directory Server dirsrv 21 79
Tomcat Server tomcat5 80 20
CA pki-ca 81 19
DRM pki-kra 82 18
OCSP pki-ocsp 83 17
TKS pki-tks 84 16
Apache httpd 85 15
RA 86 14  
TPS pki-tps 87 13