Versions Compared

Old Version 22

changes.mady.by.user Mikhail Yakovlev

Saved on

compared with

New Version Current

changes.mady.by.user Daliya Agletdinova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Creating a service account

Indeed Certificate Manager data storage is a database. For maintenance of the system creating service account is required.To enable the Axidian CertiFlow system to operate with the database, create a service account and grant it the required permissions:

1. Open pgAdmin, enter master password and connect to server.
2. In Browser section right-click on the Login/Group Roles menu item.
3. Select Create > Login/Group Role…Role.

4. On the Go to General tab and enter the role name in the Name field enter name of the role, for example - CFSQLServiceOps(e.g. cfServiceSQL).

5. On the Go to Definition tab and enter your password in the Password field. Account expires field should be set to No Expiry must be specified in the Account Expires field.

Note

When you create creating a service account, you must disable password expiration.

6. Turn Go to Privileges tab and turn on the Can Login? parameter on the Privileges tab.

   

7. Leave the rest of the fields with the defaults states default values and click Save.

Creation of the

Creating a database

.

The database used as data storage is creates created manually. It filles with To populate the database, use theStorage-Postgre.sql script, which is part of the Indeed CM distribution kit (the script is located in the \IndeedCM script included in the Axidian CertiFlow installation package (\CertiFlow.Server\Misc directory).change

1. Create a database in the pgAdmin environment with an arbitrary name:

  • In Browser section right-click on the Databases menu item.
  • Select Create> Database...

  • Enter Go to General tab and enter a name in the Database field on General tab, for example CertiFlowDB(e.g. CertiFlowDB). Select the user created service account in the Owner list , created on the first step of this guide (CFSQLServiceOps) and click Save.

2. Select the database (CertiFlowDB) in Browser section and execute the Storage-Postgre.sql script:

  • Select Tools > Query Tool.
  • Click the on Open iconin the Query Tool menu and specify the a path to the file Storage-Postgre.sql  (it is located in \IndeedCMCertiFlow.Server\Misc change) and , click Select.

  • Click Execute/Refresh button .

3. Granting Grant privileges to service account on for the database tables:

  • Press button in Query Tool menu , than and select Clear Query menu item.

  • Enter the text of the request, specifying the account name in it:
Code Block
languagesql
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "specify service account";


Code Block
languagesql
titleExample:
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO CFSQLServiceOpscfServiceSQL;

Setting up a remote connection to the database

Open the PostgreSQL config file " pg_hba.conf".

Info

pb_hba.conf file location:

For Windows OS: C:\Program Files\PostgreSQL\<version number>\data
For *nix OS: /etc/postgresql/<version number>/main

Add a line with the following format:

Code Block
CONNECTIONTYPE DATABASE USER ADDRESS METHOD

Where values are referred to as:

  • CONNECTIONTYPE -  Connection connection type. "hostHost" is specified, TCP/IP connection will be is used.
  • DATABASE - Name name of the database.
  • USER - Database database user name.
  • ADDRESS - IP IP-address of the Axidian CertiFlow Server.
  • METHOD - User user authentication method.
Code Block
titleExample:
host CertiFlowDB CFSQLServiceOpscfServiceSQL 192.200.1.0/32 md5