The Certificate Authority solution adds the following port requirements.
Incoming traffic to Certificate Authority
In all the installation nodes, check that the following ports are accessible for incoming traffic to Cryptographic Security Platform.
Source | Protocol | Target service | Target port |
|---|---|---|---|
CAs | TCP/HTTPS | Green deployment testing | 4443 |
CAs | TCP/HTTPS | Internal CA Gateway | 7443 |
CAs | TCP/HTTP | Green deployment testing | 8880 |
The deployment of the Certificate Authority solution automatically opens these ports in the firewall of the machines hosting Cryptographic Security Platform.
Outgoing traffic from Certificate Authority
In all the installation nodes, check that the following ports are accessible for outgoing traffic from Cryptographic Security Platform.
Source | Protocol | Target service | Target port |
|---|---|---|---|
CAs | NTLS | Luna Network HSM (if any) | 1792 |
CAs | TCP/HTTPS | nShield HSM (if any) | 9000-9004 |