DS 1.3 Installation - dogtagpki/pki GitHub Wiki
This page describes the process to prepare a DS 1.3 instance.
Make sure the FQDN has been configured correctly.
$ yum install -y 389-ds-base
To create DS instance:
$ setup-ds.pl --silent\ General.FullMachineName=$HOSTNAME\ General.SuiteSpotUserID=nobody\ General.SuiteSpotGroup=nobody\ slapd.ServerPort=389\ slapd.ServerIdentifier=localhost\ slapd.Suffix=dc=example,dc=com\ slapd.RootDN="cn=Directory Manager"\ slapd.RootDNPwd=Secret.123
When the DS instance is created, it will automatically create the root entry (i.e. dc=example,dc=com
).
To create PKI subtree:
$ ldapadd -H ldap://$HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 << EOF dn: dc=pki,dc=example,dc=com objectClass: domain dc: pki EOF
The subsystem subtrees (e.g. dc=ca,dc=pki,dc=example,dc=com
) will be created when the corresponding subsystems (e.g. CA) are installed.
When all subsystems are created, the tree will look like the following:
dc=example,dc=com + dc=pki + dc=ca + dc=kra + dc=ocsp + dc=tks + dc=tps
To remove DS instance:
$ remove-ds.pl -f -i slapd-localhost
DS log files are available in /var/log/dirsrv/slapd-localhost
:
-
access
-
audit
-
errors