Install the Entrust Certificate Authority
Install the Entrust Certificate Authority PostgreSQL
Entrust Certificate Authority requires a database to store information about the Certification Authority, X.509 users and EAC entities. See document PSIC-Entrust Certificate Authority 10.2.pdf located in the Documents tab of Product Support Center for Authority for supported databases.
In this guide, an embedded Certificate Authority supplied PostgreSQL database is used. This database will be installed on the same server that will host Entrust Certificate Authority. If you are using your own supplied database, Entrust strongly recommends that you install the database on its own dedicated server.
To install and use Certificate Authority in a cluster, you must use your own supplied database. The Entrust supplied Certificate Authority PostgreSQL Database does not support a clustered environment.
-
Download the
PostgreSQL 15.2.0 Full and Upgrade Installer - Windowsfrom the Entrust TrustedCare online support site Certificate Authority. -
Double-click the
msifile downloaded above. On a fresh installation the setup dialogs appears. Otherwise instructions to runent_setup.batappears as shown by the red arrow below. Proceeded to the setup window or select Finish and launchent_setup.bat.
To launch ent_setup.batopen a command windows and executeC:\Program Files\Entrust\easm_postgres15\dbserver\bin\ent_setup.bat. -
Enter the following information in the setup window. Then press any key to complete the setup.
Parameter Value Database super user easm_entrust_pg
Password
Database listen port
Default 5432
PostgreSQL Data directory
Default
C:\eca_pg_data\15PostgreSQL Wal directory
Default
c:\eca_pg_wal\15Database user easm_entrust
Password
Database backup user easm_entbackup
Password
For example:
C:\Program Files\Entrust\easm_postgres15\dbserver\bin>ent_setup.bat [ent_setup] [ent_setup] Logging to 'C:\Users\Administrator\AppData\Roaming\Entrust\postgresql\ent_setup.log'. [ent_setup] [ent_setup] ******************************************************* [ent_setup] Starting setup... [ent_setup] ******************************************************* [ent_setup] Welcome to the Entrust Certificate Authority PostgreSQL Database 15.2 setup. [ent_setup] Running as [ENTRUST-SM-WIND\Administrator] [ent_setup] [ent_setup] Checking for a previous version... [ent_setup] Registry key [HKLM:\SOFTWARE\Entrust\PostgreSQL\11] does not exist, no installation found. [ent_setup] [ent_setup] Checking for current version... [ent_setup] Found InstallDir [C:\Program Files\Entrust\easm_postgres15\]. [init] [init] No upgradeable Entrust Authority Security Manager PostgreSQL Database installation was found. [init] [init] Do you wish to initialize Entrust Certificate Authority PostgreSQL Database 15.2 at this time? (y/n): y [init] Performing a full initialization for installation at [C:\Program Files\Entrust\easm_postgres15]... [init] [init] Checking for 'easm_entrust_pg' OS user... [init] User was not found, creating OS user 'easm_entrust_pg'... [init] [init] ***NOTE***: Be sure to adhere to any of your organization's password rules as well. [init] [init] The following characters cannot be used when choosing the password: [init] < > # \ " / | ' ^ ; & <space> <tab> [init] Please choose a password for: 'easm_entrust_pg': *********** [init] Please confirm the password for: 'easm_entrust_pg': *********** [init] The 'easm_entrust_pg' user has been successfully created. [init] Enabling SeServiceLogonRight for easm_entrust_pg... [init] [init] A database super user 'easm_entrust_pg' is required. [init] [init] The following characters cannot be used when choosing the password: [init] < > # \ " / | ' ^ ; & <space> <tab> [init] Please choose a password for: 'easm_entrust_pg': *********** [init] Please confirm the password for: 'easm_entrust_pg': *********** [init] [init] Please choose a listen port for the server [5432]: [init] [init] Please choose a location for the PostgreSQL Data directory : [c:\eca_pg_data\15]: [init] Adding full (inheritable) permission for [easm_entrust_pg] to location [c:\eca_pg_data\15]... [init] Adding full (inheritable) permission for [Administrators] to location [c:\eca_pg_data\15]... [init] Adding full (inheritable) permission for [ENTRUST-SM-WIND\Administrator] to location [c:\eca_pg_data\15]... [init] [init] Please choose a location for the PostgreSQL Wal directory : [c:\eca_pg_wal\15]: [init] Adding full (inheritable) permission for [easm_entrust_pg] to location [c:\eca_pg_wal\15]... [init] Adding full (inheritable) permission for [Administrators] to location [c:\eca_pg_wal\15]... [init] Adding full (inheritable) permission for [ENTRUST-SM-WIND\Administrator] to location [c:\eca_pg_wal\15]... [init] [init] Initializing Database cluster with database super user 'easm_entrust_pg'... [init] [init] Calculating the recommended shared_buffers value... [init] Installing and updating custom pg_easm_DB.conf... [init] Setting archive_command path to C:\Program Files\Entrust\easm_postgres15\bin\pg_archwal.bat [init] Setting port = 5432 [init] Setting shared_buffers = 2147483648 Bytes [init] Updating postgresql.conf... [init] Setting include = pg_easm_DB.conf [init] The database cluster is initialized. [init] Setting EASMPOSTGRESDIR environment variable... [init] Setting OPENSSL_CONF environment variable... [init] [init] Registering PostgreSQL Server as a Windows service... [init] [init] Setting PostgreSQL service display name and description... [init] [init] Starting the PostgreSQL service... [init] [init] Creating database easm_DB... [init] [init] A database user 'easm_entrust' is required. [init] [init] The following characters cannot be used when choosing the password: [init] < > # \ " / | ' ^ ; & <space> <tab> [init] Please choose a password for: 'easm_entrust': *********** [init] Please confirm the password for: 'easm_entrust': *********** [init] Creating 'easm_entrust' user... [init] [init] A database backup role 'easm_entbackup' is required. [init] [init] The following characters cannot be used when choosing the password: [init] < > # \ " / | ' ^ ; & <space> <tab> [init] Please choose a password for: 'easm_entbackup': *********** [init] Please confirm the password for: 'easm_entbackup': *********** [init] Creating 'easm_entbackup' database role... [init] [init] Creating easm_entrust schema... [init] Creating extension pgrowlocks... [init] Creating extension pg_freespacemap... [init] Creating extension pgstattuple... [init] Creating extension pg_buffercache... [init] Creating extension pageinspect... [init] [init] Removing full (inheritable) permission for [ENTRUST-SM-WIND\Administrator] from location [c:\eca_pg_data\15]... [init] Removing full (inheritable) permission for [ENTRUST-SM-WIND\Administrator] from location [c:\eca_pg_wal\15]... [init] [init] Registering PostgreSQL event DLL for [C:\Program Files\Entrust\easm_postgres15]... [init] [init] Setting PGPORT environment variable... [init] [init] Stopping the PostgreSQL service... [init] [init] Starting the PostgreSQL service... [ent_setup] [ent_setup] Operation complete! Press any key to continue . . .
Install the Entrust Certificate Authority
-
Download the Certificate Authority Full and Upgrade Installer 10.2.11 - Windows from the Entrust TrustedCare online support site Certificate Authority.
-
Double-click the
msifile downloaded above to begin the installation.An installation wizard appears.
-
Once the installation completes, select Finish in the Install Wizard Complete dialog. The installation path after the install will be
C:\Program Files\Entrust.