Ejbca Install

For the impatient

The main installation instructions are available over at http://ejbca.org/.

Packages

Debian stable(etch) and unstable EJBCA 3.5.x Packages:
http://han.pp.se/gl/article.php?story=20080115235612100

The auto-setup script used for debian can be used for other purposes as well, auto-setup.

Quick setup guides

these guides are a bit outdated, for older versions of EJBCA, but they will still provide a lot of good information if combined with the installation instructions above.

Here you can download a quick setup guide (pdf) how to install version 3.1.x of PrimeCA/EJBCA.
Quick Setup Guide, 3.1.x.

Here you can download a quick setup guide (pdf) how to install version 3.0.x of PrimeCA/EJBCA.
Quick Setup Guide, 3.0.x.

Platforms and guides

EJBCA 3.4.1 on Solaris 10 x86:
http://han.pp.se/gl/article.php?story=20070518224609117

EJBCA 3.4.1 on OpenBSD:
http://han.pp.se/gl/article.php?story=20070506221441147

EJBCA 3.5.3 is also know to work on these OS:

  • Debian Stable and unstable
  • Ubuntu 6.06, 7.04 and 7.10
  • Suse 9 and 10
  • Oracle Enterprise Linux 4
  • Solaris 10
  • Windows XP and 2003 Server
  • Mac OS X 10.4.11 and 10.5.1

As of EJBCA 3.6, EJBCA works on the following application servers:

  • JBoss 4.0.5 and 4.2.x
  • Glassfish v1 and v2
  • OC4J 10g
  • Weblogic 9.x
  • Websphere ND 6.1

External RA

In some cases, for security reasons, it is preferable to deny all inbound traffic to the CA and instead let the CA periodically fetch and process information from external trusted data sources. For an overview of the solution see the illustration.

The ExtRA API contains the most basic functions like:

* Generate Certificate from PKCS10
* Generate PKCS12 for the end user
* KeyRecovery of the users key (if requested using PKCS12)
* Edit users
* Revoke Certificates

The external API, named extra, is downloaded separately, or checked out separately from the CVS using the module name 'extra'.

Documentation about the ExtRA API is in the doc subdirectory of the extra subproject.

Express download and install script [Alpha]

Mainly for developers and bug-testers. You can find it here.

Log4j configuration in JBoss

  • Disable the console appender
  • Limit the category org.ejbca to INFO
  • Limit the default root appender to ERROR
<category name="org.ejbca">
      <priority value="INFO"/>
   </category>

   <root>
      <priority value="ERROR"/>
      <appender-ref ref="FILE"/>
   </root>
page tags: extra
page_revision: 10, last_edited: 1206576848|%e %b %Y, %H:%M %Z (%O ago)
edittags history files print site tools+ options
Unless stated otherwise Content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License