To generate a basic CA Gateway configuration, open a command-line interpreter in the bin folder of the cagw-util tool and run the following command.
cagw-util create-skeleton-config [-f] -pwd -env=<ENVIRONMENT> -host=<HOST> [-l=<LICENSE_FILE>] [-o=<OUTPUT_FOLDER>] -p=<PORT> [-e | -d -hc=<CREDENTIALS_DIR>]
For example:
cagw-util create-skeleton-config -f -pwd -env cagwtest -host cagw.test.org -l license.json -o c:/test/config -p 8080
cagw-util create-skeleton-config -f -pwd -env=cagwtest -host=cagw.test.org -l=license.json -o=c:/test/config -p=8080
When prompted, enter the password and press ENTER. For example:
Enter the Keystore password:
c:\test\config\server.p12 successfully created
c:\test\config\cagw-client-1.p12 successfully created
c:\test\config\ca.p12 successfully created
c:\test\config\application.yml successfully created
Client DN: cn=cagwtest client 1, o=cagwtest
CAGW Server DN: cn=cagw.test.org, o=cagwtest
CA DN: cn=cagwtest CA, o=cagwtest
CAGW URL: https://cagw.test.org:8080/cagw/v1
CAGW API Docs: https://cagw.test.org:8080/cagw/api-docs
Swagger URL: https://cagw.test.org:8080/cagw/swagger-ui
See below for a description of each parameter.
-d, --docker
Customize the generated application.yml configuration file for Docker environments.
When using this convenience flag, each file path in the generated application.yml configuration file has a base path suited for Docker environments. Alternatively, you can omit this flag and select a customized base path with the --host-config-dir option.
-env, --environment=<ENVIRONMENT>
Set <ENVIRONMENT> as the environment name. CA Gateway uses this value when setting unique subject names for the certificates.
Mandatory: Yes.
-f, --force-overwrite
Overwrite any existing configuration file.
-hc, --host-config-dir=<CREDENTIALS_DIR>
Use <CREDENTIALS_DIR> as the base path to reference credential files in the generated application.yml configuration file. For example:
trust-store: <CREDENTIALS_DIR>/truststore.p12
This flag is mutually exclusive with --docker.
Mandatory: No. When both this option and the --docker flag are omitted, the application.yml file uses an empty base path, for example:
trust-store: truststore.p12
-host, --hostname=<HOST>
Set <HOST> as the IP address or hostname for CA Gateway URLs.
The utility populates <HOST> into the Subject Alternative Name of the generated server certificate.
Mandatory: Yes.
-l, --license-file-name=<LICENSE_FILE_NAME>
Use the <LICENSE_FILE_NAME> license, where <LICENSE_FILE_NAME> is the name (not the path) of the license file. The application.yml configuration file will reference this file using the following path.
<CREDENTIALS_DIR>/<LICENSE_FILE_NAME>
Where <CREDENTIALS_DIR> is the folder selected with one of the following options.
- --docker
- --host-config-dir
This command does not support legacy password-protected license files; it only supports signed license files.
Mandatory: No.
-m, --msca-proxy
Customize the generated configuration for supporting Entrust Microsoft CA Proxy.
Mandatory: No.
-o, --output-dir=<OUTPUT_DIR>
Save the generated files in the <OUTPUT_DIR> folder of the host where the utility is executed.
Move the generated files to the <CREDENTIALS_DIR> folder selected with either the --docker or the --host-config-dir option.
Mandatory: No. This optional value defaults to the current folder.
-p, --port-number=<PORT>
Configure CA Gateway to listen on port <PORT>.
Mandatory: Yes.
-pwd
Prompt the user for the keystores' password.
Mandatory: Yes.
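The rules in the parameter list above (mandatory options, the mutual exclusion of --docker and --host-config-dir, and -l taking a file name rather than a path) can be checked before a script invokes the utility. The following is an added example, not part of cagw-util or of the original documentation; the function name check_skeleton_args and the digits-only port check are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight check for create-skeleton-config arguments.
# Returns 0 if the arguments follow the parameter rules above, 1 otherwise.
check_skeleton_args() {
    env='' host='' port='' prompt='' docker='' hc='' lic=''
    while [ $# -gt 0 ]; do
        opt=${1%%=*}                          # option name without "=value"
        case $1 in *=*) val=${1#*=} has_val=1 ;; *) val='' has_val=0 ;; esac
        shift
        case $opt in                          # options that take no value
            -pwd) prompt=1; continue ;;
            -d|--docker) docker=1; continue ;;
            # -e appears only in the synopsis, without a value
            -e|-f|--force-overwrite|-m|--msca-proxy) continue ;;
        esac
        if [ "$has_val" -eq 0 ]; then         # "-opt value" form
            [ $# -gt 0 ] || { echo "missing value for $opt" >&2; return 1; }
            val=$1; shift
        fi
        case $opt in
            -env|--environment) env=$val ;;
            -host|--hostname) host=$val ;;
            -p|--port-number) port=$val ;;
            -hc|--host-config-dir) hc=$val ;;
            -l|--license-file-name) lic=$val ;;
            -o|--output-dir) ;;
            *) echo "unknown option: $opt" >&2; return 1 ;;
        esac
    done
    if [ -z "$env" ] || [ -z "$host" ] || [ -z "$port" ] || [ -z "$prompt" ]; then
        echo "-env, -host, -p and -pwd are mandatory" >&2; return 1
    fi
    if [ -n "$docker" ] && [ -n "$hc" ]; then
        echo "--docker and --host-config-dir are mutually exclusive" >&2; return 1
    fi
    case $lic in                              # -l is a file name, not a path
        */*|*\\*) echo "-l expects a file name, not a path: $lic" >&2; return 1 ;;
    esac
    case $port in                             # digits-only check is this script's own
        ''|*[!0-9]*) echo "port must be numeric: $port" >&2; return 1 ;;
    esac
    return 0
}

# Constructed call, using the values from the example on this page.
check_skeleton_args -f -pwd -env=cagwtest -host=cagw.test.org \
    -l=license.json -o=c:/test/config -p=8080 && echo "arguments OK"
```

In a wrapper script, call the function with the same arguments that will be passed to cagw-util and stop when it returns a non-zero status.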