To start up Entrust PKI Hub, perform the following operations in a node meeting the Requirements.
- Downloading the Entrust PKI Hub image
- Verifying the downloaded files
- Installing the Entrust PKI Hub image
- Running clusterctl install
- Replacing the default TLS certificate
- Configuring the proxy
- Changing the keyboard layout
- Changing the operating system timezone
- Configuring time synchronization
- Manually starting starting the chrony service
- Configuring an nShield HSM
For a multi-node or high-availability installation, perform the additional operations described in Adding nodes.
Do not perform operating system modifications not covered in this guide. Specifically, do not:
- Change the system locale.
- Install antivirus, agents, or any other additional software.
- Update, modify, or remove operating system packages using mechanisms other than the one provided by Entrust.
- Modify the privileges of the
sysadminadministrator. - Create new users.
- Change file permissions.
- Change SELinux permissions or configuration.
- Move or delete files.
- Change partitions or mount points in a different way than documented.
- Change the kernel configuration.
- Change the boot loader configuration.
Create or modify a
crontab. Any automation task must be performed from an external machine accessing the system via SSH.