By default, Apache listens in port number 443 for https. Set the default port number for OpenXPKI CA to avoid conflicts.
In /etc/apache2/ports.conf, modify the 443 port to any other port. For example:
Old content
Listen 80
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
New content
Listen 80
<IfModule ssl_module>
Listen 9443
</IfModule>
<IfModule mod_gnutls.c>
Listen 9443
</IfModule>
In /etc/apache2/sites-available/openxpki.conf, add or modify the VirtualHost section to map a new port. For example, <VirtualHost *:443> to <VirtualHost *:9443>.
In /etc/apache2/sites-available/default-ssl.conf, add or modify the VirtualHost_default section to map a new port. For example, change <VirtualHost *:443> to <VirtualHost *:9443>.
Restart the Apache server using systemctl restart apache2.
Note: If it asks for the SSL/TLS passphrase, then type the password while adding the TLS web server certificate in the EST server.
In tinddopenxpkiweb01.dhcp.dev.lexmark.com:9443 (RSA):, enter the passphrase for the SSL/TLS keys.