000022448 - How to run Xudad on a different port.

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022448
Applies ToSentry CA 3.x
Keon Certificate Authority
TechNote 0090
IssueHow to run Xudad on a different port.
ResolutionYou can choose to change either or both of the xudad ports during or after installing Sentry.

For example, if you're running 2 copies of Sentry with separate databases you must run each copy of xudad using different ports.

The default SSL-LDAP port, registered by RSA, is 636. The default LDAP port is 389.

On Unix, port numbers range from 0 to 65535.  Some port numbers  (especially those below 1024) are reserved for particular protocols for use by root. See /etc/services for a list.

To choose to run xudad on different port(s) during installation, simply change the port number(s) in the form presented during the web based part of the installation.

To run xudad on different port(s) after installation, where:
 <portnum1> is the port number you choose for secure (SSL-LDAP) connections and
 <portnum2> is the port number you choose for non-secure (LDAP) connections

 simply

 1. specify the new secureport (SSL-LDAP) and port (LDAP) in
     <sentry-installation-dir>/Xudad/conf/xudad.conf. You may wish to retain but
     comment out the existing lines to retain the default port information, as
     follows:
 
       #port           389
       port            <portnum2>
       #secureport     636
       secureport      <portnum1>
 
 2. Sentry CA uses SSL-LDAP connections.
     To tell Sentry CA to use a different port, edit
     <sentry-installation-dir>/WebServer/conf/httpd.conf
     To change ALL instances of SSL_PKI_Port and XACL_PKI_BindPort to the
     port number you chose above for secure (SSL-LDAP) connections (there may
     be one for each virtualhost in the configuration file).

Example to use a non-default SSL-LDAP port:

 in <sentry-installation-directory>/Xudad/conf/xudad.conf:
    port         5389                       
    secureport   5636

 in <sentry-installation-directory>/WebServer/conf/httpd.conf:
    SSL_PKI_Port 5636
    XACL_PKI_BindPort 5636
Legacy Article IDa3669

Attachments

    Outcomes