A Detailed list of the Sandia DCC Security Servers
/home/g1/proj/akenti/docs/admin/sandia-servers.html
As of Feb 6, 2001, the DCC Certificate Management System (cms) is running the Netscape/Iplanet CMS version 4.2. All the old certificates and published ldap entries were migrated from the previous system to the new version. The pieces of the system are as follows:
Console - java interface to mangage the servers
executable /usr/local/cms42/startconsole - Java GUI
Interface to start, stop and control all the servers. It talks to the
admin server on port 16000, so that server must be running first. It
can be installed on your workstation using the CMS install script and
choosing only to install the console or run on DieselCert. You must
authenticate using the single-signon password.
Admin Server
start script /usr/local/cms42/start-admin
executable /usr/local/cms42/bin/admin/ns-admin
config file /usr/local/cms42/admin-serv/config
port 16000 an http interface to the Admin server. It contains links
to mostly useless services. This is port on which the console talks to
the admin server.
runs as root - started by /etc/rc2.d/S99DCCcms
Netscape CMS (Certificate Managment System) servers on DieselCert.ca.sandia.gov
Start script/usr/local/cms42/cert-DieselCert/start-cert. Password required
executable /usr/local/cms42/bin/cert/admin/start
executable /usr/local/cms42/bin/cert/bin/jssjava (starts 2 instances of this)
ServerRoot /usr/local/cms42/cert-DieselCert
Config files /usr/local/cms42/cert-DieselCert/config
log files /usr/local/cms42/cert-DieselCert/logs
Port 443 - get to this by https:/DieselCert.ca.sandia.gov - User interface.
Port 16003 - This is the SSL administration port. It is not accessible
via https from a web browser, but may be the way the admin server controls
the CMS.
Port 16004 - get to this by https:/DieselCert.ca.sandia.gov:16004/ca/ - Agent interface.
Directory Servers
www-collab.ca.sandia.gov - Akenti servers
Akenti web server on www-collab.ca.sandia.gov, https://www-collab.ca.sandia.gov
Accessing www-collab via this server gets you an encrypted
connection and presents your Identity Certificate to the server.You must have an
Identity Certificate issued by IDCG-CA or DieselCert.ca.sandia.gov to access this server
executable /opt/akenti/httpd-akenti
ServerRoot /opt/akenti
DocumentRoot /opt/apache/akenti-docs
Port 443
conf /opt/akenti/conf/http-akenti.conf,Akenti.conf
Start script /opt/akenti/bin/start-akenti
passphrase i*a*
Akenti Monitor server
executable /opt/akenti/StartMonitor.sh
Port 9999 - specified in Akenti.conf
Port to talk to applet 12000 - specified in Akenti.conf
conf /opt/akenti/conf/Akenti.conf
passphrase none
Akenti cache server
executable /opt/akenti/StartCacheManager.sh
Caching directory /opt/akenti/cache - specified in Akenti.conf
Port 6789 - specified in Akenti.conf
conf /opt/akenti/conf/Akenti.conf
passphrase none
Akenti resource definitions server
executable /opt/akenti/StartResServer.sh
DocumentRoot /opt/akenti/akenti-docs
Port 8008
conf /opt/akenti/conf/Akenti.conf
passphrase none