• ejbca 无其他数据库支持情况下的安装


    windows xp平台安装:

    ejbca_3_0_7.zip
    http://ejbca.sourceforge.net/download.htm


    不能用1.5的版本,要换成1.4才可以。。
    jdk1.5.0_02
    http://java.sun.com/j2se/1.5.0/download.jsp(最下面有jce下载地址)

    http://java.sun.com/j2ee/1.4/download.html#sdk
    http://java.sun.com/j2se/1.4.2/download.html(最下面有jce下载地址)

    apache-ant-1.6.3beta1-bin.zip
    http://ant.apache.org/

    jboss-4.0.1sp1.zip
    http://www.jboss.org/downloads/index#as

    数据库版本:
    mysql-5.0.3-beta-win32

    MySQL Connector/J is the official JDBC driver for MySQL
    下面这几个都试过了。。看起来没什么区别
    mysql-connector-java-3.0.16-ga.zip
    mysql-connector-java-3.1.7.zip
    mysql-connector-java-3.2.0-alpha(据说明是支持5.0以上的mysql)

    http://dev.mysql.com/downloads/connector/j/3.1.html

    安装步骤:

    1,安装jdk, 解压缩 jboss, ant, mysql;

    2,设置环境变量JAVA_HOME,JBOSS_HOME, ANT_HOME, PATH, CLASSPATH
    环境设置:

    环境变量设置:
    JAVA_HOME = D:\Sun\AppServer\jdk
    JBOSS_HOME = E:\EJBCA\jboss
    ANT_HOME = E:\EJBCA\apache-ant-1.6.3beta1
    J2EE_HOME = D:\Program Files\Java\j2ee

    PATH = 包含这几项:%JAVA_HOME%\BIN;%JBOSS_HOME%\BIN;%ANT_HOME%\bin;

    CLASSPATH = %JAVA_HOME%\lib;%J2EE_HOME%\lib

    /*
    将 jce_policy_1.5.0 的几个文件覆盖到 %jre path%\lib\security , 我的是
    无限加密包覆盖的是jboss实际使用的jre的那个,
    这个假如没有正确覆盖的话会有提示说没有使用无限加密包
    D:\Program Files\Java\jre1.5.0_02\lib\security 。
    D:\Program Files\Java\jdk1.5.0_02\jre\lib\security
    */
    将 jce_policy_1.4.2 的两个文件覆盖到 D:\Sun\AppServer\jdk\jre\lib\security

    3,解压ejbca;

    以下为使用mysql为数据库的配置:(如果不使用mysql只需要直接用默认的数据库)

    4,配置mysql:

    create database ejbca;

    grant create,drop,alter,select,insert,update,delete on ejbca.* to

    ejbca@localhost identified by "123456";//只可在本机登陆并限定ejbca数据库

    grant create,drop,alter,select,insert,update,delete on *.* to  ejbca@"%"

    identified by "123456";//任意机器登陆操作任意数据库。
    GRANT ALL ON ejbca.* TO admin@localhost IDENTIFIED BY "123456" WITH GRANT OPTION

    5,转到ejbca的解压缩目录执行
    E:\EJBCA\ejbca>ant replaceDS回车
    Buildfile: build.xml

    replaceDS:
        [input] Type of database :

    (oracle,mssql,mysql,postgres,postgres8,sapdb,hsqldb,sybase)
    mysql回车
        [input] Data source (default java:/DefaultDS, recommended java:/EjbcaDS):
    java:/EjbcaDS回车
         [copy] Copying 1 file to E:\EJBCA\ejbca\src\ca\ca\META-INF
         [copy] Copying 1 file to E:\EJBCA\ejbca\src\ra\META-INF
         [copy] Copying 1 file to E:\EJBCA\ejbca\src\log\META-INF
         [copy] Copying 1 file to E:\EJBCA\ejbca\src\authorization\META-INF
         [copy] Copying 1 file to E:\EJBCA\ejbca\src\hardtoken\META-INF
         [copy] Copying 1 file to E:\EJBCA\ejbca\src\keyrecovery\META-INF

    BUILD SUCCESSFUL

    执行ant deploy:
    E:\EJBCA\ejbca>ant deploy

    6,
    copy mysql-connector-java-3.1.7-bin.jar 到
    E:\EJBCA\jboss\server\default\lib($JBOSS_HOME/server/default/lib/)

    7,

    copy E:\EJBCA\ejbca\doc\mysql-ds.xml 到
    E:\EJBCA\jboss\server\default\deploy

    ($JBOSS_HOME/server/default/deploy/)

    修改mysql-ds.xml将其中的数据库连接参数修改成你实际的连接参数:

        <jndi-name>EjbcaDS</jndi-name> //数据源
        <user-name>ejbca</user-name>
        <password>123456</password>
       
        user-name password 根据数据库实际连接参数设置。


    下面这两个文件修改中的mySQL是什么用的呢?
    standardjbosscmp-jdbc和standardjaws是映射配置文件,使用默认的也可以
    删除hsqldb-ds.xml是为了不连接默认数据源的。

    E:\EJBCA\jboss\server\default\conf\standardjbosscmp-jdbc.xml
    ($JBOSS_HOME/server/default/conf/standardjbosscmp-jdbc.xml)
    在文件开始的地方找到以下几项并修改为:
     
        <jbosscmp-jdbc>

        <defaults>
          <datasource>java:/EjbcaDS</datasource>
          <datasource-mapping>mySQL</datasource-mapping>
         
    E:\EJBCA\jboss\server\default\conf\standardjaws.xml
    ($JBOSS_HOME/server/default/conf/standardjaws.xml)

    在文件开始的地方找到以下几项并修改为:
        <jaws>
        <datasource>java:/EjbcaDS</datasource>
        <type-mapping>mySQL</type-mapping>

          注意mySQL大小写。

    8,删除jboss下所有hsql*.xml文件(这是为了去掉默认的数据源配置信息)

    9,运行jboss,应该一切OK了

    10,
    E:\EJBCA\ejbca>install.cmd

    Setup of Administration Web Interface have started, this will take a minute

    to complete ....

    如果用jdk1.5到这里就没有反应了
    换成jdk1.4版本就没有问题了:


    keytool错误: java.lang.Exception: 别名 <EJBCA-CA> 不存在
    认证已添加至keystore中

    The installation is now complete.
    Proceed with the following steps in order to start administrating EJBCA.

    1. Restart the application server.
    2. Import the p12/superadmin.p12 file in your browser.
    3. Go to the following URL: https://<computername>:8443/ejbca/adminweb
    4. And now your are all set to start using EJBCA.

    If you are interested in  professional support of EJBCA and PKI related question
    s,
    please contact PrimeKey Solutions AB, Sweden at ejbca@primekey.se or www.primeke
    y.se for more information.


    一切OK了,可以用https://localhost:8443/ejbca/adminweb访问了,申请证书可以通过http://localhost:8080/ejbca/publicweb

    #############################################################################
    #############################################################################
    #############################################################################
    以下是没有使用其他数据库的默认安装配置过程:

    Microsoft Windows XP [版本 5.1.2600]
    (C) 版权所有 1985-2001 Microsoft Corp.

    C:\Documents and Settings\windforce>E:

    E:\>cd EJBCA/EJBCA

    E:\EJBCA\ejbca>ant
    Buildfile: build.xml

    init:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\classes
        [mkdir] Created dir: E:\EJBCA\ejbca\dist

    compile:
        [javac] Compiling 465 source files to E:\EJBCA\ejbca\tmp\classes
         [copy] Copying 470 files to E:\EJBCA\ejbca\src\java

    apply.war:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\publicweb\apply.war
         [copy] Copying 20 files to E:\EJBCA\ejbca\tmp\publicweb\apply.war
         [copy] Copying 44 files to E:\EJBCA\ejbca\tmp\publicweb\apply.war\WEB-INF\c
    lasses
          [jar] Building jar: E:\EJBCA\ejbca\dist\apply.war

    status.war:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\publicweb\status.war
         [copy] Copying 1 file to E:\EJBCA\ejbca\tmp\publicweb\status.war
         [copy] Copying 26 files to E:\EJBCA\ejbca\tmp\publicweb\status.war\WEB-INF\
    classes
          [jar] Building jar: E:\EJBCA\ejbca\dist\status.war

    webdist.war:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\publicweb\webdist.war
         [copy] Copying 7 files to E:\EJBCA\ejbca\tmp\publicweb\webdist.war
         [copy] Copying 48 files to E:\EJBCA\ejbca\tmp\publicweb\webdist.war\WEB-INF
    \classes
          [jar] Building jar: E:\EJBCA\ejbca\dist\webdist.war

    ca.jar:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\ca\ca.jar
         [copy] Copying 442 files to E:\EJBCA\ejbca\tmp\ca\ca.jar
          [jar] Building jar: E:\EJBCA\ejbca\dist\ca.jar

    log.jar:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\log.jar
         [copy] Copying 11 files to E:\EJBCA\ejbca\tmp\log.jar
         [copy] Copying 23 files to E:\EJBCA\ejbca\tmp\log.jar
          [jar] Building jar: E:\EJBCA\ejbca\dist\log.jar

    authorization.jar:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\authorization.jar
         [copy] Copying 10 files to E:\EJBCA\ejbca\tmp\authorization.jar
         [copy] Copying 91 files to E:\EJBCA\ejbca\tmp\authorization.jar
          [jar] Building jar: E:\EJBCA\ejbca\dist\authorization.jar

    hardtoken.jar:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\hardtoken.jar
         [copy] Copying 10 files to E:\EJBCA\ejbca\tmp\hardtoken.jar
         [copy] Copying 64 files to E:\EJBCA\ejbca\tmp\hardtoken.jar
          [jar] Building jar: E:\EJBCA\ejbca\dist\hardtoken.jar

    keyrecovery.jar:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\keyrecovery.jar
         [copy] Copying 11 files to E:\EJBCA\ejbca\tmp\keyrecovery.jar
         [copy] Copying 28 files to E:\EJBCA\ejbca\tmp\keyrecovery.jar
          [jar] Building jar: E:\EJBCA\ejbca\dist\keyrecovery.jar

    ra.jar:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\ra.jar
         [copy] Copying 12 files to E:\EJBCA\ejbca\tmp\ra.jar
         [copy] Copying 95 files to E:\EJBCA\ejbca\tmp\ra.jar
          [jar] Building jar: E:\EJBCA\ejbca\dist\ra.jar

    adminweb.war:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\adminweb.war
         [copy] Copying 95 files to E:\EJBCA\ejbca\tmp\adminweb.war
         [copy] Copying 14 files to E:\EJBCA\ejbca\tmp\adminweb.war\WEB-INF\classes
          [jar] Building jar: E:\EJBCA\ejbca\dist\adminweb.war

    ca.ear:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\ca\ear
         [copy] Copying 1 file to E:\EJBCA\ejbca\tmp\ca\ear\ear
         [copy] Copying 7 files to E:\EJBCA\ejbca\tmp\publicweb\publicwebroot.war
          [jar] Building jar: E:\EJBCA\ejbca\tmp\ca\ear\ear\publicwebroot.war
         [copy] Copying 10 files to E:\EJBCA\ejbca\tmp\ca\ear\ear
         [copy] Copying 7 files to E:\EJBCA\ejbca\tmp\ca\ear\ear\lib
          [jar] Building jar: E:\EJBCA\ejbca\dist\ejbca-ca.ear

    admin.jar:
        [mkdir] Created dir: E:\EJBCA\ejbca\tmp\adminjar
         [copy] Copying 2 files to E:\EJBCA\ejbca\tmp\adminjar
         [copy] Copying 226 files to E:\EJBCA\ejbca\tmp\adminjar
          [jar] Building jar: E:\EJBCA\ejbca\admin.jar

    build:

    BUILD SUCCESSFUL
    Total time: 18 seconds
    E:\EJBCA\ejbca>ant deploy
    Buildfile: build.xml

    init:

    compile:

    apply.war:

    status.war:

    webdist.war:

    ca.jar:

    ra.jar:

    adminweb.war:

    log.jar:

    hardtoken.jar:

    keyrecovery.jar:

    authorization.jar:

    ca.ear:

    admin.jar:

    deploy:
         [copy] Copying 1 file to E:\EJBCA\jboss\server\default\deploy
         [copy] Copying E:\EJBCA\ejbca\dist\ejbca-ca.ear to E:\EJBCA\jboss\server\de
    fault\deploy\ejbca-ca.ear

    BUILD SUCCESSFUL
    Total time: 3 seconds
    E:\EJBCA\ejbca>install.cmd
    Welcome to EJBCA Installation
    This script acts as a wizard helping you with the installation of your Certificate Authority.

    Before the installation will begin make sure of the following preparations have been done:

    1. The EJBCA application is deployed to the application server. ('ant deploy')

    2. You run this installation with access to administrative privileges.

    Is these requirements meet (Yes/No) :Y


    This installation will create a first administrative CA. This CA will be used to create the first superadministrator and for the SSL server certificate of administrative web server.

    When the administrative web server have been setup you can create other CA:s and administrators.

    Please enter the short name for the CA.
    This is only used for administrative purposes,
    avoid spaces or odd characters (Ex 'AdminCA1') :CA
    Enter the Distinguished Name of the CA. This is used in the CA certificate to distinguish the  CA. (Ex'CN=AdminCA1,O=PrimeKey Solutions AB,C=SE') :cn=CA,c=cn
    Enter the keysize in bits of the CA, only digits. (Ex '2048') : 2048
    Enter the validity in days for the CA, only digits (Ex '3650') :3650
    Enter the policy id of the CA. Policy id determine which PKI policy the CA uses.

    Type your policy id or use '2.5.29.32.0' for any policy or 'NO' for no policy at all. (Ex '2.5.29.32.0') :192.168.0.17


    Now for some information required to set up the administration web interface.

    Please enter the computer name of CA server. (Ex 'caserver.primekey.se') :fly-in-sky
    Enter the Distinguished Name of the SSL server certificate used by the administrative web gui (Ex 'CN=caserver.primekey.se,O=PrimeKey Solutions AB,C=SE') :cn=fly-in-sky,c=cn

    Enter a good password for the super administrators keystore. Please remember this one:000000


    You have entered the following data :

    CA short name : CA
    Distinguished Name CA : cn=CA,c=cn
    Keysize of the CA :  2048
    Validity in days for the CA : 3650
    Policy id of the CA : 192.168.0.17
    Computer name of CA server : fly-in-sky
    Distinguished Name of the SSL server certificate : cn=fly-in-sky,c=cn
    Password for the super administrators keystore : 000000
    Is this correct ( Yes/No/Exit ) :Y

    The installation will now start, please wait .....


    Initializing CA
    Generating rootCA keystore:
    DN: CN=CA,C=cn
    Keysize: 2048
    Validity (days): 3650
    Policy ID: 192.168.0.17
    Initalizing Temporary Authorization Module.
    Creating CA...
    CAId for created CA: 645009761
    -Created and published initial CRL.
    CA initialized


    Setup of Administration Web Interface have started, this will take a minute to complete ....


    keytool错误: java.lang.Exception: 别名 <EJBCA-CA> 不存在
    认证已添加至keystore中

    The installation is now complete.Proceed with the following steps in order to start administrating EJBCA.

    1. Restart the application server.
    2. Import the p12/superadmin.p12 file in your browser.
    3. Go to the following URL: https://<computername>:8443/ejbca/adminweb
    4. And now your are all set to start using EJBCA.

    If you are interested in  professional support of EJBCA and PKI related questions,please contact PrimeKey Solutions AB,Sweden at ejbca@primekey.se or www.primekey.se for more information.


    E:\EJBCA\ejbca>

  • 相关阅读:
    《通往衰败之路》读后感 读书笔记
    《苏世民我的经验与教训》读后感 读书笔记
    《红星照耀中国》读后感 读书笔记
    《上帝之子》读后感 读书笔记
    《两兄弟》读后感 读书笔记
    《好的经济学》读后感 读书笔记
    JSON 使用 教程
    JSON 使用
    JSON 语法
    Json
  • 原文地址:https://www.cnblogs.com/adylee/p/1290041.html
Copyright © 2020-2023  润新知