Cryptographic Security Platform 1.4 - PKI Hub 1.5 installation and administration [PDF][Releases]

Use the following command syntax to install Cryptographic Security Platform with a generic database meeting the Database requirements instead of the Entrust database appliance.

clusterctl install --db-host <db-host> --db-port <db-port> --db-name <db-name> --db-username <db-username> [--db-password <db-password>] [--db-tls-enabled <yes|no>] [--db-ca-certificate <db-ca-certificate>] [--mode <mode>]

See below for a description of each command.

--db-host <db-host>

Connect to the database with the <db-host> domain name or IP address.

Mandatory: When selecting a generic database meeting the Database requirements instead of the Entrust database appliance.

--db-port <db-port>

Connect to the DBMS using the <db-port> port.

Mandatory: Yes.

--db-name <db-name>

Select the database with the <db-name> name.

Mandatory: Yes.

--db-username <db-username>

Authenticate in the database as the basic auth user with the <username> username.

Mandatory: Yes.

--db-password <db-password>

Authenticate in the database with the <db-password> user password.

Mandatory: No. This value is prompted to the user when omitted. For example:

[sysadmin@edm00 ~]$ sudo clusterctl install --db-host 10.10.10.10 --db-port 3333 --db-name test --db-username test --db-tls-enabled no
Enter the database password:
Password:
Installing  ⠏ ╢░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟ 0 %

--db-tls-enabled <yes|no>

yes to enable TLS security in the connections with the database; no otherwise.

Mandatory: Yes.

--db-ca-certificate <db-ca-certificate>

Validate the TLS certificate of the DBMS using <db-ca-certificate>, where <db-ca-certificate> is the path to a PEM-encoded certificate file.

Mandatory: When enabling TLS.

--mode <mode>

Run the installation in <mode> mode. Where <mode> is either:

demo-mode
prod-mode

See the table below for a description of each mode.

Setting	demo-mode	prod-mode
Deployment type	Proof-of-concept deployments.	Production deployments.
Requirements	Does not need the disk performance requirements described in Machine requirements. Specifically, fsync latency is not an issue in this mode.	All the Requirements.
Supported number of nodes	One	One or more. See Required number of nodes for details.
Supported operations	You cannot perform the operations described in Creating a multi-node cluster, Backing up PKI Hub, Recovering from disaster, or Restoring PKI Hub.	All
Supported updates	You cannot upgrade to a newer version or migrate to a prod-mode installation.	All

Mandatory: No. This optional value defaults to prod-mode.