Launch Certificate Manager clients
The Smart ID Certificate Manager (CM) clients, with the exception of the CM SDK, have several features in common. They are installed in the same directory, they all listen to the same port etc. Also, a common method is used when starting the CM clients Administrator's workbench (AWB), Registration Authority (RA) in Certificate Manager, Certificate Controller (CC) in Certificate Manager and Secure Printer (SP) in Certificate Manager. They are all started by a program named launch.exe.
The launching technique described in this article applies to the clients running on Windows. Use the appropriate shell script available in <install_root>/bin to start a client on Linux.
Configure how CM clients are started
Command switches
You use command switches to control the options with which a particular client is started. These command switches can be customized in a configuration file named launch.ini. When initiated, launch.exe reads launch.ini from the same folder in order to interpret the switches given by the start command.
Shortcut icon
You can create a shortcut icon with properties to, for example, start an instance of the Certificate Controller (CC) which can only be used for certificate revocation. It is not only convenient to use shortcut icons to start the CM clients, it is also much more effective from a resource point of view, as all clients started via launch.exe are using the same JRE.
Examples of the start command
Start the Certificate Controller (CC) without any options
Enter the start command:
Example: Start the CC without any options
CODElaunch.exe -CC
where
CC
has the following default definition in launch.ini:CODECC=com.id2tech.cm.rc.Rrc
Start the Certificate Controller (CC) with revocation possibilities only
Enter the start command:
Example: Start the CC with revocation possibilities only
CODElaunch.exe -CCREVOKE
where
CCREVOKE
has the following definition in launch.ini:CODECCREVOKE=/action nkcs com.id2tech.cm.rc.Rrc
Switch definitions
n=No action
h=Hold
r=Reinstate
a=Revoke - Affiliation changed
k=Revoke - Key compromised
c=Revoke - Cessation of Operation
s=Revoke - Superseded
w=Revoke - PrivilegeWithdrawn
u=No Reason Code
p=Publish
q=Hide the set, delete and keep current buttons in the "publish with revocation password" dialog.
The command switches can be configured to prevent the display of certain revocation reasons in some instances of CC clients.
Specify JRE
You can control which JRE that will run the application.
Option 1:
Edit the
COMMAND
line in launch.ini, and enter the full path to a javaw executable.
Option 2:
Use an environment variable named
CM_CLIENT_JAVA:
Specify this variable in the same wayJAVA_HOME
is usually specified, for example, the home folder of the JRE installation, such as C:\Program Files (x86)\Java\my_jre\. If there is an absolute path already specified inCOMMAND
, the environment variable will not be read.
Change default configuration path
All configuration files for CM clients (expect from the launch.ini for Windows platforms) are installed in the configuration files folder that you selected during installation. After the installation, you can change, and manually move, the configuration files to any other path. After moving the files the following changes are required:
Windows platform
Edit launch.ini and set the new configuration path:
CODE;Client configuration directory CONFIGURATION=<new_configuration_path>
Linux platform
Edit each executable start script under <install_root>/bin/ and set the new configuration path after the
-configuration
parameter in the script's last line.
Recommendations
The installation is made with the default memory heap size of the JRE. If problems with memory usage is encountered, you can increase the heap size.
To do this, alter the COMMAND
key in launch.ini.