windows xp平台安装:
ejbca_3_0_7.zip
http://ejbca.sourceforge.net/download.htm
不能用1.5的版本,要换成1.4才可以。。
jdk1.5.0_02
http://java.sun.com/j2se/1.5.0/download.jsp(最下面有jce下载地址)
http://java.sun.com/j2ee/1.4/download.html#sdk
http://java.sun.com/j2se/1.4.2/download.html(最下面有jce下载地址)
apache-ant-1.6.3beta1-bin.zip
http://ant.apache.org/
jboss-4.0.1sp1.zip
http://www.jboss.org/downloads/index#as
数据库版本:
mysql-5.0.3-beta-win32
MySQL Connector/J is the official JDBC driver for MySQL
下面这几个都试过了。。看起来没什么区别
mysql-connector-java-3.0.16-ga.zip
mysql-connector-java-3.1.7.zip
mysql-connector-java-3.2.0-alpha(据说明是支持5.0以上的mysql)
http://dev.mysql.com/downloads/connector/j/3.1.html
安装步骤:
1,安装jdk, 解压缩 jboss, ant, mysql;
2,设置环境变量JAVA_HOME,JBOSS_HOME, ANT_HOME, PATH, CLASSPATH
环境设置:
环境变量设置:
JAVA_HOME = D:\Sun\AppServer\jdk
JBOSS_HOME = E:\EJBCA\jboss
ANT_HOME = E:\EJBCA\apache-ant-1.6.3beta1
J2EE_HOME = D:\Program Files\Java\j2ee
PATH = 包含这几项:%JAVA_HOME%\BIN;%JBOSS_HOME%\BIN;%ANT_HOME%\bin;
CLASSPATH = %JAVA_HOME%\lib;%J2EE_HOME%\lib
/*
将 jce_policy_1.5.0 的几个文件覆盖到 %jre path%\lib\security , 我的是
无限加密包覆盖的是jboss实际使用的jre的那个,
这个假如没有正确覆盖的话会有提示说没有使用无限加密包
D:\Program Files\Java\jre1.5.0_02\lib\security 。
D:\Program Files\Java\jdk1.5.0_02\jre\lib\security
*/
将 jce_policy_1.4.2 的两个文件覆盖到 D:\Sun\AppServer\jdk\jre\lib\security
3,解压ejbca;
以下为使用mysql为数据库的配置:(如果不使用mysql只需要直接用默认的数据库)
4,配置mysql:
create database ejbca;
grant create,drop,alter,select,insert,update,delete on ejbca.* to
ejbca@localhost identified by "123456";//只可在本机登陆并限定ejbca数据库
grant create,drop,alter,select,insert,update,delete on *.* to ejbca@"%"
identified by "123456";//任意机器登陆操作任意数据库。
GRANT ALL ON ejbca.* TO admin@localhost IDENTIFIED BY "123456" WITH GRANT OPTION
5,转到ejbca的解压缩目录执行
E:\EJBCA\ejbca>ant replaceDS回车
Buildfile: build.xml
replaceDS:
[input] Type of database :
(oracle,mssql,mysql,postgres,postgres8,sapdb,hsqldb,sybase)
mysql回车
[input] Data source (default java:/DefaultDS, recommended java:/EjbcaDS):
java:/EjbcaDS回车
[copy] Copying 1 file to E:\EJBCA\ejbca\src\ca\ca\META-INF
[copy] Copying 1 file to E:\EJBCA\ejbca\src\ra\META-INF
[copy] Copying 1 file to E:\EJBCA\ejbca\src\log\META-INF
[copy] Copying 1 file to E:\EJBCA\ejbca\src\authorization\META-INF
[copy] Copying 1 file to E:\EJBCA\ejbca\src\hardtoken\META-INF
[copy] Copying 1 file to E:\EJBCA\ejbca\src\keyrecovery\META-INF
BUILD SUCCESSFUL
执行ant deploy:
E:\EJBCA\ejbca>ant deploy
6,
copy mysql-connector-java-3.1.7-bin.jar 到
E:\EJBCA\jboss\server\default\lib($JBOSS_HOME/server/default/lib/)
7,
copy E:\EJBCA\ejbca\doc\mysql-ds.xml 到
E:\EJBCA\jboss\server\default\deploy
($JBOSS_HOME/server/default/deploy/)
修改mysql-ds.xml将其中的数据库连接参数修改成你实际的连接参数:
<jndi-name>EjbcaDS</jndi-name> //数据源
<user-name>ejbca</user-name>
<password>123456</password>
user-name password 根据数据库实际连接参数设置。
下面这两个文件修改中的mySQL是什么用的呢?
standardjbosscmp-jdbc和standardjaws是映射配置文件,使用默认的也可以
删除hsqldb-ds.xml是为了不连接默认数据源的。
E:\EJBCA\jboss\server\default\conf\standardjbosscmp-jdbc.xml
($JBOSS_HOME/server/default/conf/standardjbosscmp-jdbc.xml)
在文件开始的地方找到以下几项并修改为:
<jbosscmp-jdbc>
<defaults>
<datasource>java:/EjbcaDS</datasource>
<datasource-mapping>mySQL</datasource-mapping>
E:\EJBCA\jboss\server\default\conf\standardjaws.xml
($JBOSS_HOME/server/default/conf/standardjaws.xml)
在文件开始的地方找到以下几项并修改为:
<jaws>
<datasource>java:/EjbcaDS</datasource>
<type-mapping>mySQL</type-mapping>
注意mySQL大小写。
8,删除jboss下所有hsql*.xml文件(这是为了去掉默认的数据源配置信息)
9,运行jboss,应该一切OK了
10,
E:\EJBCA\ejbca>install.cmd
Setup of Administration Web Interface have started, this will take a minute
to complete ....
如果用jdk1.5到这里就没有反应了
换成jdk1.4版本就没有问题了:
keytool错误: java.lang.Exception: 别名 <EJBCA-CA> 不存在
认证已添加至keystore中
The installation is now complete.
Proceed with the following steps in order to start administrating EJBCA.
1. Restart the application server.
2. Import the p12/superadmin.p12 file in your browser.
3. Go to the following URL: https://<computername>:8443/ejbca/adminweb
4. And now your are all set to start using EJBCA.
If you are interested in professional support of EJBCA and PKI related question
s,
please contact PrimeKey Solutions AB, Sweden at ejbca@primekey.se or www.primeke
y.se for more information.
一切OK了,可以用https://localhost:8443/ejbca/adminweb访问了,申请证书可以通过http://localhost:8080/ejbca/publicweb
#############################################################################
#############################################################################
#############################################################################
以下是没有使用其他数据库的默认安装配置过程:
Microsoft Windows XP [版本 5.1.2600]
(C) 版权所有 1985-2001 Microsoft Corp.
C:\Documents and Settings\windforce>E:
E:\>cd EJBCA/EJBCA
E:\EJBCA\ejbca>ant
Buildfile: build.xml
init:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\classes
[mkdir] Created dir: E:\EJBCA\ejbca\dist
compile:
[javac] Compiling 465 source files to E:\EJBCA\ejbca\tmp\classes
[copy] Copying 470 files to E:\EJBCA\ejbca\src\java
apply.war:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\publicweb\apply.war
[copy] Copying 20 files to E:\EJBCA\ejbca\tmp\publicweb\apply.war
[copy] Copying 44 files to E:\EJBCA\ejbca\tmp\publicweb\apply.war\WEB-INF\c
lasses
[jar] Building jar: E:\EJBCA\ejbca\dist\apply.war
status.war:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\publicweb\status.war
[copy] Copying 1 file to E:\EJBCA\ejbca\tmp\publicweb\status.war
[copy] Copying 26 files to E:\EJBCA\ejbca\tmp\publicweb\status.war\WEB-INF\
classes
[jar] Building jar: E:\EJBCA\ejbca\dist\status.war
webdist.war:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\publicweb\webdist.war
[copy] Copying 7 files to E:\EJBCA\ejbca\tmp\publicweb\webdist.war
[copy] Copying 48 files to E:\EJBCA\ejbca\tmp\publicweb\webdist.war\WEB-INF
\classes
[jar] Building jar: E:\EJBCA\ejbca\dist\webdist.war
ca.jar:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\ca\ca.jar
[copy] Copying 442 files to E:\EJBCA\ejbca\tmp\ca\ca.jar
[jar] Building jar: E:\EJBCA\ejbca\dist\ca.jar
log.jar:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\log.jar
[copy] Copying 11 files to E:\EJBCA\ejbca\tmp\log.jar
[copy] Copying 23 files to E:\EJBCA\ejbca\tmp\log.jar
[jar] Building jar: E:\EJBCA\ejbca\dist\log.jar
authorization.jar:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\authorization.jar
[copy] Copying 10 files to E:\EJBCA\ejbca\tmp\authorization.jar
[copy] Copying 91 files to E:\EJBCA\ejbca\tmp\authorization.jar
[jar] Building jar: E:\EJBCA\ejbca\dist\authorization.jar
hardtoken.jar:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\hardtoken.jar
[copy] Copying 10 files to E:\EJBCA\ejbca\tmp\hardtoken.jar
[copy] Copying 64 files to E:\EJBCA\ejbca\tmp\hardtoken.jar
[jar] Building jar: E:\EJBCA\ejbca\dist\hardtoken.jar
keyrecovery.jar:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\keyrecovery.jar
[copy] Copying 11 files to E:\EJBCA\ejbca\tmp\keyrecovery.jar
[copy] Copying 28 files to E:\EJBCA\ejbca\tmp\keyrecovery.jar
[jar] Building jar: E:\EJBCA\ejbca\dist\keyrecovery.jar
ra.jar:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\ra.jar
[copy] Copying 12 files to E:\EJBCA\ejbca\tmp\ra.jar
[copy] Copying 95 files to E:\EJBCA\ejbca\tmp\ra.jar
[jar] Building jar: E:\EJBCA\ejbca\dist\ra.jar
adminweb.war:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\adminweb.war
[copy] Copying 95 files to E:\EJBCA\ejbca\tmp\adminweb.war
[copy] Copying 14 files to E:\EJBCA\ejbca\tmp\adminweb.war\WEB-INF\classes
[jar] Building jar: E:\EJBCA\ejbca\dist\adminweb.war
ca.ear:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\ca\ear
[copy] Copying 1 file to E:\EJBCA\ejbca\tmp\ca\ear\ear
[copy] Copying 7 files to E:\EJBCA\ejbca\tmp\publicweb\publicwebroot.war
[jar] Building jar: E:\EJBCA\ejbca\tmp\ca\ear\ear\publicwebroot.war
[copy] Copying 10 files to E:\EJBCA\ejbca\tmp\ca\ear\ear
[copy] Copying 7 files to E:\EJBCA\ejbca\tmp\ca\ear\ear\lib
[jar] Building jar: E:\EJBCA\ejbca\dist\ejbca-ca.ear
admin.jar:
[mkdir] Created dir: E:\EJBCA\ejbca\tmp\adminjar
[copy] Copying 2 files to E:\EJBCA\ejbca\tmp\adminjar
[copy] Copying 226 files to E:\EJBCA\ejbca\tmp\adminjar
[jar] Building jar: E:\EJBCA\ejbca\admin.jar
build:
BUILD SUCCESSFUL
Total time: 18 seconds
E:\EJBCA\ejbca>ant deploy
Buildfile: build.xml
init:
compile:
apply.war:
status.war:
webdist.war:
ca.jar:
ra.jar:
adminweb.war:
log.jar:
hardtoken.jar:
keyrecovery.jar:
authorization.jar:
ca.ear:
admin.jar:
deploy:
[copy] Copying 1 file to E:\EJBCA\jboss\server\default\deploy
[copy] Copying E:\EJBCA\ejbca\dist\ejbca-ca.ear to E:\EJBCA\jboss\server\de
fault\deploy\ejbca-ca.ear
BUILD SUCCESSFUL
Total time: 3 seconds
E:\EJBCA\ejbca>install.cmd
Welcome to EJBCA Installation
This script acts as a wizard helping you with the installation of your Certificate Authority.
Before the installation will begin make sure of the following preparations have been done:
1. The EJBCA application is deployed to the application server. ('ant deploy')
2. You run this installation with access to administrative privileges.
Is these requirements meet (Yes/No) :Y
This installation will create a first administrative CA. This CA will be used to create the first superadministrator and for the SSL server certificate of administrative web server.
When the administrative web server have been setup you can create other CA:s and administrators.
Please enter the short name for the CA.
This is only used for administrative purposes,
avoid spaces or odd characters (Ex 'AdminCA1') :CA
Enter the Distinguished Name of the CA. This is used in the CA certificate to distinguish the CA. (Ex'CN=AdminCA1,O=PrimeKey Solutions AB,C=SE') :cn=CA,c=cn
Enter the keysize in bits of the CA, only digits. (Ex '2048') : 2048
Enter the validity in days for the CA, only digits (Ex '3650') :3650
Enter the policy id of the CA. Policy id determine which PKI policy the CA uses.
Type your policy id or use '2.5.29.32.0' for any policy or 'NO' for no policy at all. (Ex '2.5.29.32.0') :192.168.0.17
Now for some information required to set up the administration web interface.
Please enter the computer name of CA server. (Ex 'caserver.primekey.se') :fly-in-sky
Enter the Distinguished Name of the SSL server certificate used by the administrative web gui (Ex 'CN=caserver.primekey.se,O=PrimeKey Solutions AB,C=SE') :cn=fly-in-sky,c=cn
Enter a good password for the super administrators keystore. Please remember this one:000000
You have entered the following data :
CA short name : CA
Distinguished Name CA : cn=CA,c=cn
Keysize of the CA : 2048
Validity in days for the CA : 3650
Policy id of the CA : 192.168.0.17
Computer name of CA server : fly-in-sky
Distinguished Name of the SSL server certificate : cn=fly-in-sky,c=cn
Password for the super administrators keystore : 000000
Is this correct ( Yes/No/Exit ) :Y
The installation will now start, please wait .....
Initializing CA
Generating rootCA keystore:
DN: CN=CA,C=cn
Keysize: 2048
Validity (days): 3650
Policy ID: 192.168.0.17
Initalizing Temporary Authorization Module.
Creating CA...
CAId for created CA: 645009761
-Created and published initial CRL.
CA initialized
Setup of Administration Web Interface have started, this will take a minute to complete ....
keytool错误: java.lang.Exception: 别名 <EJBCA-CA> 不存在
认证已添加至keystore中
The installation is now complete.Proceed with the following steps in order to start administrating EJBCA.
1. Restart the application server.
2. Import the p12/superadmin.p12 file in your browser.
3. Go to the following URL: https://<computername>:8443/ejbca/adminweb
4. And now your are all set to start using EJBCA.
If you are interested in professional support of EJBCA and PKI related questions,please contact PrimeKey Solutions AB,Sweden at ejbca@primekey.se or www.primekey.se for more information.
E:\EJBCA\ejbca>