This article is related to the startup sequence of servers in Smart ID Certificate Manager (CM).
If at least one cryptographic device requires a PIN that is not configured and not using a PIN pad, the CIS service starts a temporary web server (the password server) and a web browser must be used to enter the required PIN codes. This instruction describes how to start, stop and configure the password server.
| Expand |
|---|
| title | Start password server |
|---|
|
- The CIS service will start a temporary web server - the password server - if at least one of the cryptographic devices, installed and configured in cis.conf, requires a PIN that is not configured and is not using a PIN pad.
- The CIS service will wait until the required PIN codes are entered in a web browser.
- The input fields in the web form are labelled with the name of the device.
|
| Expand |
|---|
| title | Stop password server |
|---|
|
- The password server is stopped when all PIN codes have been entered.
- The start sequence of the CIS service continues.
|
| Expand |
|---|
| title | Configure password server |
|---|
|
The password server will bind to localhost and listen on port 5080 with the default configuration. The actual configuration is shown in the log messages. - Configure the bind address and port of the password server in cis.conf.
|
| Expand |
|---|
| title | Logging in password server |
|---|
|
This is an example of the logging from the password server when pin codes are required, output in the CIS log file (log-<date>.log).
| Code Block |
|---|
| title | Example: Logging from the password server |
|---|
| [2013/02/13:13:20:37] oper info CIS-PasswordServer Server started:\
localhost:5080
[2013/02/13:13:20:37] oper info CIS-PasswordServer Devices require\
password: [PIN-protected Soft Token, CryptoServer (RSA)]
[2013/02/13:13:21:25] oper info CIS-PasswordServer All passwords received,\
server stops: localhost:5080 |
|
Related information
