Configure Firewall Settings

In order for the CA Connector Client to be able to communicate with the Keyfactor Command server, certificate authorities, and the local Active Directory (if applicable), appropriate firewall ports need to be open on the CA Connector Client server and throughout the environment. These ports may already be open or may need to be opened.

The Keyfactor CA Connector is installed in the customer environment to provide a connection between a CA and Keyfactor Command when a direct connection is not possible. It is supported on both Windows and Linux and has versions for Microsoft (Windows only) or EJBCA CAs. A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA.

Table 1034: Protocols the CA Connector Client Uses for Communication

| Type | Protocols and Ports | Target |
|---|---|---|
| Outbound | RPC (TCP 135) | Microsoft CAs |
| Outbound | DCOM (Random high ports typically in the range TCP 49152 – 65535) | Microsoft CAs |
| Outbound | Active Directory LDAP (TCP 389) | Active Directory domain controllers, for template retrieval |
| Outbound | HTTPS (TCP 443) | Keyfactor Command, EJBCA CAs |

Note: The CA Connector Client does not communicate directly with RabbitMQ. All communications to RabbitMQ are made from the Keyfactor Command server.
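A preflight check for the fixed outbound ports in the table above, run from the CA Connector Client server. This is an added example, not part of the Keyfactor documentation or product; the role names, the function names, and the `example.internal` hostnames are assumptions made for illustration.

```python
import socket

# Fixed outbound ports from the table above: (label, TCP port, role of target).
REQUIRED = [
    ("RPC", 135, "microsoft_ca"),
    ("LDAP", 389, "domain_controller"),
    ("HTTPS", 443, "keyfactor_command"),
    ("HTTPS", 443, "ejbca_ca"),
]
# DCOM is assigned a dynamic port in this range per session, so a single
# connect cannot verify it; the range is reported for the firewall rule.
DCOM_RANGE = (49152, 65535)


def build_checks(targets):
    """Expand {role: [hosts]} into (label, host, port) probes for roles present."""
    checks = []
    for label, port, role in REQUIRED:
        for host in targets.get(role, []):
            checks.append((label, host, port))
    return checks


def tcp_open(host, port, timeout=3.0):
    """Return True if an outbound TCP connection to host:port completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable, or name not resolved
        return False


def run_preflight(targets, timeout=3.0):
    """Probe every required port; return (label, host, port, reachable) rows."""
    return [(l, h, p, tcp_open(h, p, timeout)) for l, h, p in build_checks(targets)]


if __name__ == "__main__":
    # Constructed placeholder hostnames; replace with the environment's servers.
    targets = {
        "microsoft_ca": ["ca01.example.internal"],
        "domain_controller": ["dc01.example.internal"],
        "keyfactor_command": ["command.example.internal"],
    }
    for label, host, port, ok in run_preflight(targets):
        print(f"{'OK  ' if ok else 'FAIL'} {label:5} {host}:{port}")
    if targets.get("microsoft_ca"):
        print(f"NOTE DCOM to Microsoft CAs also needs TCP {DCOM_RANGE[0]}-{DCOM_RANGE[1]}")
```

A `FAIL` row only shows that the TCP connection did not complete from this host; it does not identify which firewall along the path dropped it.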