11.2. Enabling IPv6 for a Subsystem

Certificate System automatically configures and manages connections between subsystems. Every subsystem must interact with a CA as members of a security domain and to perform their PKI operations.
For these connections, Certificate System subsystems can be recognized by their host's fully-qualified domain name or an IP address. By default, Certificate System resolves IPv4 addresses and host names automatically, but Certificate System can also use IPv6 for their connections. IPv6 is supported for all server connections: to other subsystems, to the administrative console (pkiconsole), or through command-line scripts such as tpsclient:
op=var_set name=ca_host value=IPv6 address
  1. Install the Red Hat Certificate System packages.
  2. Set the IPv4 and IPv6 addresses in the /etc/hosts file. For example:
     vim /etc/hosts
    server.example.com IPv4 address  
     3ffe:1234:2222:2000:202:55ff:fe67:f527         server6.example.com IPv6 address
  3. Then, export the environment variable to use the IPv6 address for the server. For example:
    export PKI_HOSTNAME=server6.example.com
  4. Run pkispawn to create the new instance. The values for the server host name in the CS.cfg file will be set to the IPv6 address.