The Certificate Authority solution adds the following port requirements.
Incoming traffic to Certificate Authority
In all the installation nodes, check that the following ports are accessible for incoming traffic to PKI Hub.
Source | Protocol | Target service | Target port |
|---|---|---|---|
CAs | TCP/HTTPS | Green deployment testing | 4443 |
CAs | TCP/HTTPS | Internal CA Gateway | 7443 |
CAs | TCP/HTTP | Green deployment testing | 8880 |
The deployment of the Certificate Authority solution automatically opens these ports in the firewall of the machines hosting PKI Hub.
Outgoing traffic from Certificate Authority
In all the installation nodes, check that the following ports are accessible for outgoing traffic from PKI Hub.
Source | Protocol | Target service | Target port |
|---|---|---|---|
CAs | NTLS | Luna Network HSM (if any) | 1792 |
CAs | TCP/HTTPS | nShield HSM (if any) | 9000-9004 |