Versions Compared

Old Version 4

changes.mady.by.user Ilya Solovyev

Saved on

compared with

New Version Current

changes.mady.by.user Daliya Agletdinova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Creating a service account

Indeed Certificate Manager data storage is a database. For maintenance of the system creating service account is required.

To enable the Axidian CertiFlow system to operate with the database, create a service account and grant it the required permissions:

1. Open pgAdmin, enter master password and connect to server.
2. In Browser section right-click on

the

Login/Group Roles menu item.
3. Select Create

>

Login/Group

Role…

Role.

Image RemovedImage Added

     4. On the Go to General tab and enter the role name in the Name field enter name of the role, for example - servicepg.

Image Removed

(e.g. cfServiceSQL).

Image Added

5. Go to Definition tab and     5. On the Definition tab enter your password in the Password field. Account expires field should be set to No Expiry must be specified in the Account Expires field.

Image AddedImage Removed

Note

When you create creating a service account, you must disable password expiration.

    6. Turn Go to Privileges tab and turn on the Can Login? parametr on the Privileges tab parameter.

   Image RemovedImage Added

    7. Leave the rest of the fields with the defaults states default values and click Save.

Creation of the

Creating a database

.

The database used as data storage is creates created manually. It filles with To populate the database, use theStorage-PostresqlPostgre.sql script, which is part of the Indeed CM distribution kit (the script is located in the \IndeedCM script included in the Axidian CertiFlow installation package (\CertiFlow.Server\Misc directory).change

1. Create a database in the pgAdmin environment with an arbitrary name:

  • In Browser section right-click on
the Database
  • Databases menu item.
  • Select Create
> Database...Image Removed
  • Database.

Image Added

  • Go to General tab and enter a name in the Database field (e.g. CertiFlowDB). Select the created service account in the Owner list and click Save.

Image Added

2. Select the database (CertiFlowDB) in Browser section and execute the Storage-Postgre.sql script:

  • Select ToolsQuery Tool.
  • Click on Open iconImage Addedin Query Tool menu and specify a path to the file Storage-Postgre.sql (\CertiFlow.Server\Misc change), click Select.

Image Added

  • Click Execute/Refresh button Image Added.

Image Added

3. Grant privileges to service account for the database tables:

  • Press Image Added button in Query Tool menu and select Clear Query.

Image Added

  • Enter the text of the request, specifying the account name:
Code Block
languagesql
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "specify service account";


Code Block
languagesql
titleExample:
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO cfServiceSQL;

Setting up a remote connection to the database

Open the PostgreSQL config file pg_hba.conf.

Info

pb_hba.conf file location:

For Windows OS: C:\Program Files\PostgreSQL\<version number>\data
For *nix OS: /etc/postgresql/<version number>/main

Add a line with the following format:

Code Block
CONNECTIONTYPE DATABASE USER ADDRESS METHOD

Where values are referred to as:

  • CONNECTIONTYPE connection type. "Host" is specified, TCP/IP connection is used.
  • DATABASE name of the database.
  • USER database user name.
  • ADDRESS IP-address of the Axidian CertiFlow Server.
  • METHOD user authentication method.
Code Block
titleExample:
host CertiFlowDB cfServiceSQL 192.200.1.0/32 md5