The Keyfactor Command Service runs on the Keyfactor Command server hosting the Services role and controls CA
A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. synchronization jobs, alert generation, reporting, and database cleanup tasks, among other jobs. During the Keyfactor Command configuration process you configured the service account under which the Keyfactor Command Service will run and may have configured the service to start automatically at server boot time (see Configure: Service Tab).
To start the service (if it hasn’t started automatically):
- On the Keyfactor Command server hosting the Services role, open the Services MMC.
-
In the Services MMC confirm that the Keyfactor Command Service is set to a Startup Type of Automatic (if desired). If the service is not running, click the green arrow to start it.
Figure 574: Keyfactor Command Service
If you have configured a synchronization schedule for your CA (see Configure CA Certificate Synchronization), the CA(s) will begin to synchronize when the first scheduled scan time is reached. Scans scheduled at intervals match to clock times, so a scan set at an interval of 15 minutes will run at 6:00, 6:15, 6:30, 6:45, etc. You can check the Keyfactor Command Service (timer service) log file on the Keyfactor Command Services server to confirm that synchronization is operating as expected. You can also use the Certificate Search feature in the Keyfactor Command Management Portal to confirm the certificates are appearing in the Keyfactor Command database. The database synchronization begins with the oldest certificates in the CA database, which may be expired or revoked. Be sure the Include Revoked and Include Expired options are enabled when checking to see if synchronization is working. See Certificate Search Page for information on using the search.