Prerequisites
Summary
The following table summarizes the overall deployment recommendations for emCA components. These recommendations are based on a logical partitioning of the various services that must run to support a minimum Certifying Authority infrastructure. For production environments, it is recommended to install each component on a separate physical server or virtual machine.
Component | Server Requirement | Configuration |
emCA Core | Physical or Virtual | High Availability – configured to a load balancer |
emCA API | Physical or Virtual | High Availability – configured to a load balancer |
OCSP Core | Physical or Virtual | High Availability – configured to a load balancer |
OCSP Responder Web | Physical or Virtual | High Availability – configured to a load balancer |
Timestamping Authority Core | Physical or Virtual | High Availability – configured to a load balancer |
Timestamping Authority Web | Physical or Virtual | High Availability – configured to a load balancer |
LDAP | Physical or Virtual | High Availability |
RA/Partner Portal | Physical or Virtual | High Availability – configured to a load balancer |
Database for emCA Core | Physical or Virtual | Clustered |
Database for Timestamping Authority | Physical or Virtual | Clustered |
Database for Partner Portal | Physical or Virtual | Clustered |
Hardware Requirements
The hardware requirements listed below are the minimum recommended requirements. The product may function at lower configurations for test or proof-of-concept (PoC) environments, but the performance and user experience may not be guaranteed, and there could be slowness or intermittent errors.
Application Server
emCA Core and API
No. of Servers | 2 Nos. for High Availability |
Server Configuration: | Can either by physical server or virtual machines |
Processor | Quad-Core Processor (Intel Xeon Recommended) with 2.6GHz |
RAM | 8 GB |
Storage | 100 GB |
Hardware Security Module (HSM) (Optional) | Any FIPS Certified Hardware Security Module (HSM) |
OCSP Core & Time Stamping Authority Core
No. of Servers | 2 Nos. for High Availability |
Server Configuration: | Can either by physical server or virtual machines |
Processor | Quad-Core Processor (Intel Xeon Recommended) with 2.6GHz |
RAM | 8GB |
Storage | 100GB |
Hardware Security Module (HSM) (Optional) | Any FIPS Certified Hardware Security Module (HSM) |
OCSP Web and Time Stamping Authority Web
No. of Servers | 2 Nos. for High Availability |
Server Configuration: | Can either by physical server or virtual machines |
Processor | Quad-Core Processor (Intel Xeon Recommended) with 2.6GHz |
RAM | 8GB |
Storage | 100GB |
LDAP
No. of Servers | 2 Nos. for High Availability |
Server Configuration: | Can either by physical server or virtual machines |
Processor | Quad-Core Processor (Intel Xeon Recommended) with 2.6GHz |
RAM | 8GB |
Storage | 100GB |
Database Server
emCA Core & API
No. of Servers | Depends on configuration (Master – Slave or Clustered architecture *) |
Server Configuration: | Can either by physical server or virtual machines |
Processor | Quad-Core Processor (Intel Xeon Recommended) with 2.6GHz |
RAM | 16GB |
Storage | 250GB |
Time stamping Authority Core
No. of Servers | Depends on configuration (Master – Slave or Clustered architecture *) |
Server Configuration: | Can either by physical server or virtual machines |
Processor | Quad-Core Process (Intel Xeon Recommended) with 2.6GHz |
RAM | 16GB |
Storage | 250GB |
* Please refer to the client-specific hardware specification recommendation document
Software Requirements
Application Servers
emCA, OCSP & Timestamping Authority
Item | Description |
Operating System | Support for RHEL 7+, Ubuntu v18+, CentOS v7+, Windows Server Edition 2016+ |
Application Server | Tomcat v 9+, JBOSS v7+, Websphere v8+, Weblogic v10+ |
JAVA Environment | JDK 1.8+ |
Database Server
emCA & Timestamping Authority
Item | Description |
Operating System | Support for RHEL 7+, Ubuntu v18+, CentOS v7+, Windows Server Edition 2016+ |
Database Server | MySQL v 8+, Postgres v 9+, Oracle v 12c+, MS SQL v 14+ |
Last updated