Configuring Connection to Internal Database - dogtagpki/pki GitHub Wiki

Plain LDAP Connection

internaldb.ldapconn.host=server.example.com
internaldb.ldapconn.port=389
internaldb.ldapconn.secureConn=false

LDAPS Connection

To enable SSL connections in the PKI server, see Enabling SSL Connection with Internal Database.

To configure the SSL connection in the PKI server, edit CS.cfg:

internaldb.ldapconn.host=server.example.com
internaldb.ldapconn.port=636
internaldb.ldapconn.secureConn=true

Then restart the PKI server:

$ systemctl restart pki-tomcatd@pki-tomcat.service

TCP Options

In PKI 10.4 the TCP Keep-Alive option is enabled by default. It can be configured globally with the following parameter in CS.cfg:

tcp.keepAlive=true

Java does not provide a way to configure other TCP Keep-Alive settings. They need to be configured in the following files in /proc/sys/net/ipv4:

  • tcp_keepalive_intvl

  • tcp_keepalive_probes

  • tcp_keepalive_time
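
As an added example (not part of the Dogtag wiki or the PKI code base), the following POSIX shell script classifies the internaldb connection in a copy of CS.cfg and computes how long the kernel takes to drop a dead idle connection from the three keep-alive files above. The function names, the duplicate-key handling, the port heuristics and the sample files are assumptions made for illustration.

```shell
# Added example: audit the CS.cfg and kernel keep-alive settings from this page.
# cfg_get FILE KEY: print KEY's value; if KEY repeats, the last one is
# reported (an assumption about how duplicates are resolved).
cfg_get() {
    awk -v k="$2" '
        /^[ \t]*#/ || !index($0, "=") { next }
        { key = substr($0, 1, index($0, "=") - 1); val = substr($0, index($0, "=") + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t\r]+$/, "", val)
          if (key == k) v = val }
        END { print v }' "$1"
}

# ldap_mode FILE: classify the connection; mismatches assume ports 389/636.
ldap_mode() {
    secure=$(cfg_get "$1" internaldb.ldapconn.secureConn)
    port=$(cfg_get "$1" internaldb.ldapconn.port)
    case "$secure:$port" in
        true:389)  echo "mismatch: secureConn=true on port 389" ;;
        true:*)    echo "ldaps" ;;
        false:636) echo "mismatch: secureConn=false on port 636" ;;
        false:*)   echo "plaintext" ;;
        *)         echo "unknown: secureConn is not true or false" ;;
    esac
}

# keepalive_detect_seconds DIR: idle time plus all failed probes, in seconds.
keepalive_detect_seconds() {
    t=$(cat "$1/tcp_keepalive_time")
    i=$(cat "$1/tcp_keepalive_intvl")
    p=$(cat "$1/tcp_keepalive_probes")
    echo $(( t + i * p ))
}

# audit CS_CFG [DIR]: DIR defaults to the live kernel settings.
audit() {
    echo "internaldb: $(ldap_mode "$1")"
    if [ "$(cfg_get "$1" tcp.keepAlive)" = "false" ]; then
        echo "keepalive: disabled in CS.cfg"
    else  # a missing key counts as enabled, the PKI 10.4 default
        echo "keepalive: dead peer dropped after $(keepalive_detect_seconds "${2:-/proc/sys/net/ipv4}")s"
    fi
}

# Constructed sample input, so the script runs without a PKI instance.
tmp=$(mktemp -d)
printf '%s\n' 'internaldb.ldapconn.port=389' 'internaldb.ldapconn.secureConn=false' > "$tmp/CS.cfg"
echo 7200 > "$tmp/tcp_keepalive_time"; echo 75 > "$tmp/tcp_keepalive_intvl"
echo 9 > "$tmp/tcp_keepalive_probes"
audit "$tmp/CS.cfg" "$tmp"
```

Calling `audit` with only a CS.cfg path reads the live values from /proc/sys/net/ipv4.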
