Note: The default script configures only the default realm, ca-one. The CDP and CRLs are not configured.
![](https://publications.lexmark.com/media/ids_assets/images/transparent.png)
Unzip the sample script for installing the certificate using gunzip -k /usr/share/doc/libopenxpki-perl/examples/sampleconfig.sh.gz.
![](https://publications.lexmark.com/media/ids_assets/images/transparent.png)
Run the script using bash /usr/share/doc/libopenxpki-perl/examples/sampleconfig.sh.
![](https://publications.lexmark.com/media/ids_assets/images/transparent.png)
Confirm the setup using openxpkiadm alias --realm ca-one.
Sample output
=== functional token ===
scep (scep):
Alias : scep-1
Identifier: YsBNZ7JYTbx89F_-Z4jn_RPFFWo
NotBefore : 2015-01-30 20:44:40
NotAfter : 2016-01-30 20:44:40
vault (datasafe):
Alias : vault-1
Identifier: lZILS1l6Km5aIGS6pA7P7azAJic
NotBefore : 2015-01-30 20:44:40
NotAfter : 2016-01-30 20:44:40
ca-signer (certsign):
Alias : ca-signer-1
Identifier: Sw_IY7AdoGUp28F_cFEdhbtI9pE
NotBefore : 2015-01-30 20:44:40
NotAfter : 2018-01-29 20:44:40
=== root ca ===
current root ca:
Alias : root-1
Identifier: fVrqJAlpotPaisOAsnxa9cglXCc
NotBefore : 2015-01-30 20:44:39
NotAfter : 2020-01-30 20:44:39
upcoming root ca:
not set
![](https://publications.lexmark.com/media/ids_assets/images/transparent.png)
Check whether the installation is successful using openxpkictl start.
Sample output
Starting OpenXPKI...
OpenXPKI Server is running and accepting requests.
DONE.
![](https://publications.lexmark.com/media/ids_assets/images/transparent.png)
Do the following to access the OpenXPKI server:
![](https://publications.lexmark.com/media/ids_assets/images/transparent.png)
From a web browser, type http://ipaddress/openxpki/.
![](https://publications.lexmark.com/media/ids_assets/images/transparent.png)
Log in as Operator. The default password is openxpki.
Note: The Operator login has two preconfigured operator accounts, raop and raop2.
![](https://publications.lexmark.com/media/ids_assets/images/transparent.png)
Create one certificate request, and then test it.