...
# | Use | Port | Description |
|---|---|---|---|
1 | Authentication key and certificate | 5500 | Authentication key and certificate certify authenticity of a Security Server. They are used for authentication in connections between Security Servers. Authentication keys are always stored in the soft token. |
2 | Sign key and certificate | - | Signature key and certificate certify authenticity of an X-Road member. They are used for signing and verifying the integrity of mediated messages. Sign keys can be stored in the soft token or in a security token / hardware security module (HSM). |
3 | Internal TLS certificate | 443 (Ubuntu) 8443 (RHEL) | Security Server’s internal TLS certificate is used in connections between the Security Server and an information system. The internal TLS certificate is used as both client and server certificate depending on the roles of the Security Server and information system. Instructions on replacing the key and certificate with an existing key and certificate. |
4 | UI/API TLS certificate | 4000 | The UI/API TLS certificate is used when connecting to the Security Server admin UI or management REST API running in port 4000 (by default). The TLS key and self-signed certificate are auto-generated during the Security Server installation process. Instructions on how to change the certificate. |
5 | API Keys | 4000 | API keys are used to authenticate API calls to Security Server’s management REST API. API keys are associated with roles that define the permissions granted to the API key. |
...