000026531 - Can the renewal port be configured to different IP port?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000026531
Applies ToRSA Registration Manager 6.7
RSA Registration Manager (RRM)
RSA Certificate Manager 6.7
RSA Certificate Manager (RCM)
Microsoft Windows Server 2003 SP2
IssueCan the renewal port be configured to different IP port?
How do you configure renewal to use different IP and port?
Trying to run renewal portion of RM on different IP port

Outside users can not acess port 448 for renewal due to FW rules

Resolution

Steps to configure RRM to work with Virtual Host

 

Steps to be followed in Windows:

1.       Go to Control Panel and open Network Connections.

2.       Right click on the active connection and click Properties.

3.       On the Local Area Connection Properties dialog box select the Internet Protocol and then click Properties button.

4.       On the Internet Protocol (TCP/IP) Properties dialog box, click Advanced button.

5.       Under IP Settings tab inside IP addresses group box add the IP address which you want to use as local host. (Ex: 192.168.2.231)

Note: Before adding verify whether the IP address is used by another machine.

Steps to be followed in RRM Installation:

1.       Stop all RRM Services.

2.       Go to httpd.conf file in <Installation Location>/webserver/conf folder.

3.       In this file under 

###############################################

###  RSA Renewal Server configuration  ###

###############################################

 

Replace the lines below

 

Listen <Renewal port number>

 

<VirtualHost _default_:< Renewal port number>>

 

With

 

Listen 192.168.2.231:443

 

<VirtualHost <Virtual IP>:<Enrollment port >>

NameVirtualHost <Virtual IP>:<Enrollment port >

4.       Also change under 

###############################################

###  RSA Enrollment Server configuration  ###

###############################################

 

Replace the lines below

 

Listen < Enrollment port number>

 

<VirtualHost _default_:< Enrollment port number>>

 

With

 

Listen <Current machine IP Address>:< Enrollment port number >

 

<VirtualHost <Current machine IP Address>:< Enrollment port number >>

NameVirtualHost <Current machine IP Address>:< Enrollment port number >

5.       Save the File. Go to <Installation Location>/webserver/enroll-server folder.

6.       Open domain-main.xuda. Go to line 264 and replace line below

<A HREF="https://<computername>:448/auto-renew-certificate.xuda?domainID=[domainID]" onClick="displayWarning('renew');" STYLE="content:'TAFID:lnkRenewClientCert'">Renew your client certificate</A>

With

 

<A HREF="https:// <Virtual IP>:<Enrollment port >/auto-renew-certificate.xuda?domainID=[domainID]" onClick="displayWarning('renew');" STYLE="content:'TAFID:lnkRenewClientCert'">Renew your client certificate</A>

7.       Start the RRM services.

See solution How to set certificate renewal URLfor information about changing renewal email link

 

Legacy Article IDa54756

Attachments

    Outcomes