Multiple [CVR]A containers, one Management CA #238
-
|
I have successfully created a Root CA using the EJBCA CE docker container with an external database. Now I want to create an Issuing CA also in a docker container on a separate server, but I don't need (?) its own Management CA there. The documentation describes such a scheme, but not for containers. How do I configure one shared Management CA on all servers running in containers? Is this even possible? Sorry if these are stupid questions, I am just starting to learn EJBCA. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
Yes you can do that by volume mounting the CA certificate and using an environment variable INITIAL_ADMIN. An example: |
Beta Was this translation helpful? Give feedback.
-
|
Thanks, this is exactly what I needed! Can you tell me where can I find filter names like "WITH_ORGANIZATION"? For example, I want to replace the organization filter with a certificate serial number filter. |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
Yes you can do that by volume mounting the CA certificate and using an environment variable INITIAL_ADMIN.
An example:
-e INITIAL_ADMIN="ManagementCA;CertificateAuthenticationToken:WITH_ORGANIZATION;PrimeKey Solutions AB" -v $(pwd)/PrimeKeyInternalCA.pem:/mnt/external/secrets/tls/cas/ManagementCA.crt qa/ejbca