Default ports in Certificate Manager
This article describes the default ports that are used in a Smart ID Certificate Manager (CM) installation.
The ports, as well as related keystores and truststores, are configured in server.xml.
Firewall Interface | From | To | Listening Port | Protocol and Comment |
---|---|---|---|---|
Internal | CM clients | Certificate Factory | TCP 5009 | Internal port for the CM clients to communicate with Certificate Factory (CF). It is set in the default configuration of the CM clients and CF. If a firewall must be opened for this traffic, open it for port 5009. If the port is changed in the CF configuration, the connection from the client must specify the same port. |
External | Client toward Protocol Gateway | Protocol Gateway | TCP 8443 | External TLS communication between a Protocol Gateway endpoint and client, without client certificate authentication. |
External | Client toward Protocol Gateway | Protocol Gateway | TCP 8444 | External TLS communication between a Protocol Gateway endpoint and client, with client certificate authentication. |
External | Client toward Protocol Gateway | Protocol Gateway | TCP 8080 | External communication without TLS between a Protocol Gateway endpoint and client. If port 8080 receives a request that requires TLS transport, the request is redirected to 8443. |
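
The following added example (not part of the original article or of the product) audits a server.xml against the three Protocol Gateway rows in the table above. It assumes that server.xml follows the Apache Tomcat `<Connector>`/`<SSLHostConfig>` layout; the function names and the sample file are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Protocol Gateway listeners from the table above:
# port -> (TLS expected, client certificate authentication expected)
EXPECTED = {8080: (False, False), 8443: (True, False), 8444: (True, True)}

# Constructed sample, not a shipped CM file (assumed Tomcat connector layout).
SAMPLE = """
<Server><Service name="Catalina">
  <Connector port="8080" redirectPort="8443"/>
  <Connector port="8443" SSLEnabled="true">
    <SSLHostConfig certificateVerification="none"/>
  </Connector>
  <Connector port="8444" SSLEnabled="true">
    <SSLHostConfig certificateVerification="optional"/>
  </Connector>
  <Connector port="8009" protocol="AJP/1.3"/>
</Service></Server>
"""

def connector_state(conn):
    """Return (tls, client_cert_required) for one Connector element."""
    tls = conn.get("SSLEnabled", "false").lower() == "true"
    # Newer Tomcat files set this per SSLHostConfig; older ones use clientAuth.
    hosts = list(conn.iter("SSLHostConfig"))
    modes = ([h.get("certificateVerification", "none") for h in hosts]
             or [conn.get("clientAuth", "false")])
    # "optional"/"want" do not enforce a client certificate, so they fail here.
    return tls, tls and all(m.lower() in ("required", "true") for m in modes)

def audit(xml_text):
    """Compare the connectors in xml_text with EXPECTED; return findings."""
    findings, seen = [], set()
    for conn in ET.fromstring(xml_text).iter("Connector"):
        port = int(conn.get("port"))
        seen.add(port)
        if port not in EXPECTED:
            findings.append(f"{port}: listener not in the default port table")
            continue
        (tls, cert), (want_tls, want_cert) = connector_state(conn), EXPECTED[port]
        if tls != want_tls:
            findings.append(f"{port}: TLS is {tls}, expected {want_tls}")
        if cert != want_cert:
            findings.append(f"{port}: client certificate required is {cert}, expected {want_cert}")
        if not tls and conn.get("redirectPort") != "8443":
            findings.append(f"{port}: plaintext listener does not redirect to 8443")
    findings += [f"{p}: expected listener is missing" for p in sorted(set(EXPECTED) - seen)]
    return findings
```

On the constructed sample, `audit(SAMPLE)` reports that port 8444 does not enforce a client certificate and that port 8009 is an extra listener.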