Installation guide
4. Modify the /etc/init.d/instance_name initialization script to read the new status definitions.
a. At line 242, replace the following lines. Replace all the lines with the exact excerpt below
because there are important differences in whitespace in the quoted strings.
unsecure_port_statement="Unsecure Port = "
secure_agent_port_statem ent="Secure Agent Port = "
secure_ee_port_statem ent="Secure EE Port = "
secure_ee_client_auth_port_statement="EE Client Auth Port = "
secure_admin_port_statem ent="Secure Admin Port = "
pki_console_port_statement="PKI Console Port = "
tomcat_port_statement="Tomcat Port = "
b. Modify the highlighted code at around line 280.
head=`echo "$line" | cut -b1-22`
if [ "$head" ==
"$ unsecure_port_statement" ] ||
[ "$head" ==
"$ secure_agent_port_statement" ] ||
[ "$head" ==
"$ secure_ee_port_statement" ] ||
[ "$head" ==
"$ secure_ee_client_auth_port_statement" ] ||
[ "$head" ==
"$ secure_adm in_port_statement" ] ||
[ "$head" ==
"$ pki_console_port_statem ent" ] ||
[ "$head" ==
"$ tom cat_port_statement" ] ; then
echo " $line"
total_ports=`expr ${total_ports}
+ 1`
fi
fi
done
if [ ${total_ports} -eq 7 ] ; then
return 0
5. Open the web.xml file.
vim /var/lib/instance_nam e/webapps/ca/WEB-INF/web.xm l
6. Add the following servlet mappings for submitting profiles to the secure end-entities client
authentication URL:
<servlet-mapping>
<servlet-name> caProfileSubmitSSLClient </servlet-name>
<url-pattern> /eeca/ca/profileSubmitSSLClient </url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name> caGetCertFromRequest </servlet-name>
<url-pattern> /eeca/ca/getCertFromRequest </url-pattern>
</servlet-mapping>
8. Known Issues
25