Red Hat Knowledgebase

Red Hat Knowledgebase Search:

Browse by topics:

Red Hat Applications > Certificate System > Issue << 3 of 26 >>

Solution Tools:

Issue:

How can I run Certificate System as a non-root user but still use privileged ports like 443 and 80?

Resolution:

Login as root to the machine where Red Hat Certificate System is to be installed and execute the following:
```
# rpm -ivh rhcs*.rpm
```
Run the setup. Root privileges or being the root user and root group may be needed on some stages to configure Certificate Authority (CA). For example, cert-ca.
```
# /opt/redhat-cs/setup/setup
```
Choose privileged ports like 443, 80 etc.
Restart CA:
```
# /opt/redhat-cs/cert-ca/restart-cert
```
Make sure CA can run on the above mentioned ports. To test it, use a browser and go to https://host:443/
Create a local user and add it to its assigned group.

Go to the cert system instance /opt/redhat-cs/cert-ca/config/ and edit the magnus.conf file. Add the following lines:

chown -R "specific_username:specific_group" /opt/redhat-cs/cert-ca/
chown "specific_username:specific_group" /opt/redhat-cs/alias/cert-ca*
chmod 664 /opt/redhat-cs/alias/secmod.db
export LD_ASSUME_KERNEL=2.4.1

For example, to allow the user redhat from group redhat to run Certificate System, we change the lines to:

chown -R "redhat:redhat" /opt/redhat-cs/cert-ca/
chown "redhat:redhat" /opt/redhat-cs/alias/cert-ca*
chmod 664 /opt/redhat-cs/alias/secmod.db
export LD_ASSUME_KERNEL=2.4.1

Restart the Certificate system:
```
# /opt/redhat-cs/cert-ca/restart-cert
```

Note: If the parameter LD_ASSUME_KERNEL=2.4.1 is not set, then IBM JRE would crash trying to read /proc/self/maps. This would be a known issue documented in this bugzilla report: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=165351

How well did this entry answer your question?

Red Hat Applications > Certificate System > Issue << 3 of 26 >>

Main Site Links:

Links for this section:

Red Hat Knowledgebase