DS 1.3 Installation - dogtagpki/pki GitHub Wiki

Overview

This page describes the process to prepare a DS 1.3 instance.

Make sure the FQDN has been configured correctly.

Installation

$ yum install -y 389-ds-base

Creating DS Instance

To create DS instance:

$ setup-ds.pl --silent\
 General.FullMachineName=$HOSTNAME\
 General.SuiteSpotUserID=nobody\
 General.SuiteSpotGroup=nobody\
 slapd.ServerPort=389\
 slapd.ServerIdentifier=localhost\
 slapd.Suffix=dc=example,dc=com\
 slapd.RootDN="cn=Directory Manager"\
 slapd.RootDNPwd=Secret.123

Creating PKI Subtree

When the DS instance is created, it will automatically create the root entry (i.e. dc=example,dc=com).

To create PKI subtree:

$ ldapadd -H ldap://$HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 << EOF
dn: dc=pki,dc=example,dc=com
objectClass: domain
dc: pki
EOF

The subsystem subtrees (e.g. dc=ca,dc=pki,dc=example,dc=com) will be created when the corresponding subsystems (e.g. CA) are installed.

When all subsystems are created, the tree will look like the following:

dc=example,dc=com
+ dc=pki
  + dc=ca
  + dc=kra
  + dc=ocsp
  + dc=tks
  + dc=tps

Removing DS Instance

To remove DS instance:

$ remove-ds.pl -f -i slapd-localhost

Log Files

DS log files are available in /var/log/dirsrv/slapd-localhost:

  • access

  • audit

  • errors

See Also

⚠️ **GitHub.com Fallback** ⚠️