14.5.4. OCSP Instance Information

The directories are instance specific, tied to the instance name. In these examples, the instance name is pki-ocsp; the true value is whatever is specified at the time the instance is created with pkicreate.

Table 14.6. OCSP Instance Information

Setting Value
Ports
Standard port
End users SSL port
Agents port
Admin port
Tomcat port
Instance Name pki-ocsp
Main Directory /var/lib/pki-ocsp
Configuration Directory /etc/pki-ocsp
Configuration File
/etc/pki-ocsp/CS.cfg
/etc/pki-ocsp/password.conf
Subsystem Certificates
OCSP signing certificate
SSL server certificate
Audit log signing certificate
Subsystem certificate[a]
Security Databases /var/lib/pki-ocsp/alias
Log Files /var/lib/pki-ocsp/logs
Install Logs /var/lib/pki-ocsp/logs-install.log
Process File /var/run/pki-ocspocsp.pid
Web Services Files
/var/lib/pki-ocsp/webapps - Agent services
/var/lib/pki-ocsp/webapps.admin - Admin services
[a] The subsystem certificate is always issued by the security domain so that domain-level operations that require client authentication are based on this subsystem certificate.