Enabling Signed Audit - dogtagpki/pki GitHub Wiki
To enable signed audit via pki-server CLI, execute the following command:
$ pki-server ca-audit-config-mod --logSigning True
Then restart the server.
To enable signed audit via TPS UI, go to System → Audit Logging. Disable logging first, click Edit, change the Signed Logging to true, then reenable the Logging.
Then restart the server.
The signed audit can be configured with the following parameters in /var/lib/pki/<instance>/conf/<subsystem>/CS.cfg:
log.instance.SignedAudit.logSigning=true log.instance.SignedAudit.signedAuditCertNickname=<audit signing cert nickname>
Then restart the server.