Skip to main content
Skip table of contents

Default ports in Certificate Manager

This article describes the default ports that are used in a Smart ID Certificate Manager (CM) installation. 

The ports, as well as related keystores and truststores, are configured in server.xml.

Firewall Interface

From

To

Listening Port

Protocol and Comment

Internal
(or External)

CM clients

Certificate Factory

TCP 5009

Internal port for the CM clients to communicate with Certificate Factory (CF). It is set in the default configuration of the CM clients and CF. 

If a firewall needs to be opened then it is thus for port 5009. If the port is changed in the CF configuration, the connection from the client must specify the same port.

External

Client toward Protocol Gateway

Protocol Gateway

TCP 8443

External TLS communication between a Protocol Gateway endpoint and client, without client certificate authentication. 

External

Client toward Protocol Gateway

Protocol Gateway

TCP 8444

External TLS communication between a Protocol Gateway endpoint and client, with client certificate authentication. 

External

Client toward Protocol Gateway

Protocol Gateway

TCP 8080

External communication without TLS between a Protocol Gateway endpoint and client. 

If 8080 receives a request that requires TLS transport, it will be redirected to 8443.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.