AWS Creating a deployment file for use with automation
All of the properties that are selected in the wizard make up a file that is generated as part of the output when its submitted. In the ec2-user home directory is a directory called “confwizard” that exists before the wizard is ran. In there is an example file provided, if desired you can run through the wizard to get a working config file. The file does get backed up to:
/opt/PrimeKey/wildfly_config/wizard.json
You can use this file from older systems to edit it and place it in the location the wizard will pick it up. The wizard looks for the original file in
/home/<current_user>/confwizard/params.json
Please the desired configuration in the location above, exactly as it appears, and the installer will pick it up and start installing with that configuration.
An example configuration could be:
{"Host_Name":"node.hostname.com","managementcaradio":"createmca","Common_Name":"ManagementCA","ManagementCA_OU":"IT_DEPARTMENT","ManagementCA_O":"Example Company","mcakeyspec-input":"3072","SuperAdmin_Common_Name":"SuperAdmin","SuperAdmin_Password":"password123!","Confirm_SuperAdmin_Password":"password123!","Cert_Common_Name":"SuperAdmin"}
Possible values are:
Parameter | Possible Values | Required? | Notes |
---|---|---|---|
Host_Name | <any valid DNS name> | ☑️ | |
SAN_Name | <any valid DNS name> | ||
dbhostCheckbox |
| Setting on tells the installer to use an external database | |
dbexistingCheckbox |
| Setting on tells the installer to do a cluster join. Database must exist and contain a working EJBCA install. | |
database-type |
| ☑️ (with dbhostCheckbox) | |
DB_Host_Name | ☑️ (with dbhostCheckbox) | ||
DB_Port | ☑️ (with dbhostCheckbox) | Default values are:
| |
DB_User_Name | ☑️ (with dbhostCheckbox) | ||
DB_Password | ☑️ (with dbhostCheckbox) | ||
DB_Name | ☑️ (with dbhostCheckbox) | Database name - This must not exist for new installs. Installer creates it | |
managementcaradio |
| ☑️ | |
Common_Name | ☑️ (with createca) | ManagementCA common name. For example “ManagementCA” | |
ManagementCA_OU | ☑️ (with createca) | ManagementCA Organizational Unit name value for the DN. For example "IT_DEPARTMENT" | |
ManagementCA_O | ☑️ (with createca) | ManagementCA Organization name value for the DN. For example "ACME Corp" | |
mcakeyspec-input |
| ☑️ (with createca) | Management CA signKey keyspec |
SuperAdmin_Common_Name | SuperAdmin | ☑️ (with createca) | This is the Superadmin Cert Common Name. This should be set to SuperAdmin (case sensitive) for scripts to work later. |
SuperAdmin_Password | <Min 5 characters> | ☑️ (with createca) | These two fields need to match. |
Confirm_SuperAdmin_Password | <Min 5 characters> | ☑️ (with createca) | These two fields need to match. |
Cert_Common_Name | ☑️ (with importca) | When using “importmca” this is the name of the ManagementCA pem that is being supplied to the installer. This certificate MUST be added to the following path with the following name: /opt/confwizard/uploads/managementca.ca-mgmt.pem | |
encryptionKeyCheckbox |
| ||
encryptionKey-input | ☑️ (with encryptionKeyCheckbox) | ||
hsmipCheckbox |
| If set to on, CloudHSM customerCA.crt file must be copied to and named exactly as: /opt/confwizard/uploads/customerCA.crt | |
hsmCount |
| ☑️ (with hsmipCheckbox) | If set to single, installer will use the CloudHSM SDK5 installer parameter for a single node cluster ( |
HSM_IP_Address | ☑️ (with hsmipCheckbox) | ||
HSM_User_Name | username:pin | ☑️ (with hsmipCheckbox) | Must be in the CloudHSM format of username:pin. |