The Entrust PKI Hub operation requires verifying the following ports are open for traffic.

You don't need to manually open these ports in the firewall of the host machines. The following commands will automatically open them.

• The clusterctl install command, executed when Starting up PKI Hub.
• The clusterctl backup restore and clusterctl node add commands, executed when Administrating.

Required ports for incoming traffic

In all the installation nodes, check that the following ports are accessible for incoming traffic to Entrust PKI Hub.

Required ports for outcoming traffic

Some start-up operations require opening ports for outgoing traffic – for example:

• Selecting the DNS server, as later explained in Configuring the connection of a PKI Hub ISO installation.
• Configuring the NTP client, as later explained in Configuring time synchronization. 

Verify these ports are accessible for outgoing traffic in all the installation nodes.

Required ports for internode communication

In multi-node installations, check that the following ports are accessible for internal services –  such as monitoring node status or synchronizing data between nodes.

Solution-specific port requirements

See the following table for the additional open ports each Entrust solution requires.