Enable and Start the Keyfactor Command Service

The Keyfactor Command Service runs on the Keyfactor Command server hosting the Services role and controls database synchronization, among other jobs. During the Keyfactor Command configuration process you configured the service account under which the Keyfactor Command Service will run and may have configured the service to start automatically at server boot time (see Configure: Service).

To begin the CA A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. synchronization, you just need to start the service (if it hasn’t started automatically):

1. On the Keyfactor Command server hosting the Services role, open the Services MMC.
2. In the Services MMC confirm that the Keyfactor Command Service is set to a Startup Type of Automatic (if desired). If the service is not running, click the green arrow to start it.

   

   Figure 491: Keyfactor Command Service

The CA(s) will begin to synchronize when the first scheduled scan time is reached. Scans scheduled at intervals match to clock times, so a scan set at an interval of 15 minutes will run at 6:00, 6:15, 6:30, 6:45, etc. You can check the Keyfactor Command timer service log file on the Keyfactor Command Services server to confirm that synchronization is operating as expected. You can also use the Certificate Search feature in the Keyfactor Command Management Portal to confirm the certificates are appearing in the Keyfactor Command database. That database synchronization begins with the oldest certificates in the CA database, which may be expired or revoked. Be sure to toggle the Include Revoked and Include Expired options, see Include Expired and Revoked Certificates in Certificate Search, when checking to see if synchronization is working. See Certificate Search Page in the Keyfactor Command Reference Guide for information on using the search.