RE: [Pki-users] End user certificate request

I would try https://my_pki:9443/ca/services make sure you restart ca after you have configured it. Infact the last screen during configuration ask you to restart CA. I have run into that sometimes--wondering why it's not working, but I only failed to restart CA after configuration. From: Julius Adewumi @GDC4S.com Ph:480-441-6768 Contract Corp:MTSI ________________________________ From: Philippe Rodrigues [mailto:phr@adehis.be] Sent: Friday, November 27, 2009 1:00 PM To: Adewumi, Julius-p99373; pki-users(a)redhat.com Subject: RE: [Pki-users] End user certificate request Julius, Thank for your answer Following result of pki-ca start, port 9180 is only accessible on http (see below) pki-ca (pid 2762) is running ... Unsecure Port = http://my_pki:9180/ca/ee/ca <http://my_pki:9180/ca/ee/ca> Secure Agent Port = https://my_pki:9443/ca/agent/ca <https://my_pki:9443/ca/agent/ca> Secure EE Port = https://my_pki:9444/ca/ee/ca <https://my_pki:9444/ca/ee/ca> Secure Admin Port = https://my_pki:9445/ca/services <https://my_pki:9445/ca/services> PKI Console Port = pkiconsole https://my_pki:9445/ca <https://my_pki:9445/ca> Tomcat Port = 9701 (for shutdown) You cannot access to the others ports from any other IP address. Is there a configuration to do for allowing access from outside ? Philippe ________________________________ De : Adewumi, Julius-p99373 [mailto:Julius.Adewumi@gdc4s.com] Envoyé : vendredi 27 novembre 2009 20:06 À : Philippe Rodrigues; pki-users(a)redhat.com Objet : RE: [Pki-users] End user certificate request I believe you should access https: port. From: Julius Adewumi @GDC4S.com Ph:480-441-6768 Contract Corp:MTSI ________________________________ From: pki-users-bounces(a)redhat.com [mailto:pki-users-bounces@redhat.com] On Behalf Of Philippe Rodrigues Sent: Friday, November 27, 2009 10:57 AM To: pki-users(a)redhat.com Subject: [Pki-users] End user certificate request Hi all, Newbie, I'm testing pki features but end user cannot access http://server_ip:9180/ca/ee/ca for a certicate request. A "netstat -anp" show service is listening on port 9180 but maybe only on locahost. An "nmap" show only ssh port open. How to give access to the end user for a certificate request ? My configuration is F11 and all features are installed (ca,ra,..). I've flushed all filters "iptables -F". Thank for any help Philippe