Question:
I am setting up CA directory as Policy Store.
I am using the CA Dir 14 and using management Ui for creating DSA, it says to add certs.
Which certificates do I need to paste here ?
Answer:
On the Agent where you've installed a dxagent, you have to find the
certificates :
$DXHOME/dxagent/openssl-ca/CA/certs/ca.pem
$DXHOME/dxagent/openssl-ca/out/[Client Cert Name].pem
and the key
$DXHOME/dxagent/openssl-ca/out/{agent name set during dir install}.key
This next one should be set in your browser which will access the
host :
$DXHOME/dxagent/openssl-ca/out/[Client Cert Name].p12
If there's no certificate on your dxagent, you can create them using
$DXHOME/dxagent/setup_dxagent.[sh|bat]
A host or a dxagent are 2 different terms for the same concept. As per
doc :
"A host or dxagent is a single computer with CA Directory installed
on it."
You have defined an Environment where you'll set more than 1 dxagent
(hosts). On the host you define will correspond to the DSA. So in the
environment, you'll see the status of all of them.
As connections to all the dxagent are done in SSL, so each dxagent
(host) should have its certificates.
Additional Information:
Manage Environments
https://docops.ca.com/ca-directory/14-0/en/administrating/using-directory-management-ui/manage-environments-and-hosts
KB : KB000102339