Skip to Content Information Center
Markvision Enterprise

Markvision Enterprise

Setting up the webserver

  1. Run the following commands:

    • a2enmod ssl rewrite headers
    • a2ensite openxpki
    • a2dissite 000-default default-ssl
    • mkdir -m755 -p /etc/openxpki/tls/chain
    • cp /etc/certs/openxpki_democa/ca-root-1.crt /etc/openxpki/tls/chain/
    • cp /etc/certs/openxpki_democa/ca-signer-1.crt /etc/openxpki/tls/chain/
    • c_rehash /etc/openxpki/tls/chain/
    • mkdir -m755 -p /etc/openxpki/tls/endentity
    • mkdir -m700 -p /etc/openxpki/tls/private
    • cp /etc/certs/openxpki_democa/web-1.crt /etc/openxpki/tls/endentity/openxpki.crt
    • cat /etc/certs/openxpki_democa/ca-signer-1.crt >> /etc/openxpki/tls/endentity/openxpki.crt
    • openssl rsa -in /etc/certs/openxpki_democa/web-1.key -passin file:/etc/certs/openxpki_democa/pd.pass -out /etc/openxpki/tls/private/openxpki.pem
    • chmod 400 /etc/openxpki/tls/private/openxpki.pem
  2. Restart the Apache service using apache2 restart.

  3. Run the following command to check the successful import of the files:

    • openxpkiadm alias --realm democa

    Sample output

    === functional token === ca-signer (certsign):  		Alias     : ca-signer-2  		Identifier: XjC6MPbsnyfLZkI9Poi9vm4Z5rk 		 NotBefore : 2022-04-06 10:03:01  		NotAfter  : 2032-04-03 10:03:01  vault (datasafe):  		Alias     : vault-2  		Identifier: G8ekluAsskGVC0N-jZhB2n9kvdM  		NotBefore : 2022-04-06 09:53:57  		NotAfter  : 2025-04-10 09:53:57  scep (scep):  		not set  ratoken (cmcra):  		not set  === root ca === current root ca:  		Alias     : root-2  		Identifier: prTHU5vCfcJuCnQWyb5wUknvXQM  		NotBefore : 2022-04-06 09:40:27  		NotAfter  : 2032-01-04 09:40:27 
Was this article helpful?
Top