MTG Mini-CA Package Dependencies

The MTG Mini-CA packages depend on following additional packages:

Component Package name Note

Component	Package name	Note
MTG-Common	`mtg-common-<X.X.X-REV>.<DIST>.<arch>.rpm` or `mtg-common-<X.X.X-REV>~<DIST-VER>_<arch>.deb`	MTG product independent files and settings such as generating the log directory /var/log/mtg and the operating system user "mtg"

MTG-Common

mtg-common-<X.X.X-REV>.<DIST>.<arch>.rpm
or
mtg-common-<X.X.X-REV>~<DIST-VER>_<arch>.deb

MTG product independent files and settings such as generating the log directory /var/log/mtg and the operating system user "mtg"

To verify the integrity of the packages, a corresponding SHA-256 checksum as well as a PGP-Signature will be delivered for each package.

Component Package name Note

Component	Package name	Note
MTG Mini-CA	`mini-ca-<X.X.X-REV>.<DIST>.<arch>.rpm` or `mini-ca-<X.X.X-REV>~<DIST-VER>_<arch>.deb`	MTG Mini-CA

MTG Mini-CA

mini-ca-<X.X.X-REV>.<DIST>.<arch>.rpm
or
mini-ca-<X.X.X-REV>~<DIST-VER>_<arch>.deb

MTG Mini-CA

For detailed instructions on Installation Preparation, Installation and Apache Configuration please refer to the Related Links section at the end of this page.

Operating-System User “minica”

The Mini-CA is installed under the OS user “minica” with group “minica”. This user will be created automatically during the installation of the package. However, this “minica” user can also be created manually prior to the package installation. After completing the installation, it is suggested to set a (unique) user password (as “root”), so the minica user can also be used to log in if necessary. The default home directory of this user is:

/home/mtg/minica

Additional OS users can be created for external components like PostgreSQL server, etc.

Hardware Security Module HSM

For supported HSMs and extended instructions please refer to this page.

Database

For a proper utilization of the MTG Mini-CA, a database connection is mandatory.

The underlying database system has to be provided and managed by the customer, i.e. is not part of the MTG-KMS software. The database system should be configured to accept the jdbc connections from MTG-KMS to its database schema.

MTG provides inside the mini-ca package the RDBMS specific application’s database schema installation scripts. Depending on customer agreement, MTG provides schema installation scripts for the following database management systems:

Oracle SQL
PostgreSQL
MariaDB

MariaDB

Set the default character set of the database to UTF8 (see Changing the default character set of MariaDB.).

Changing the default character set of MariaDB.

ALTER DATABASE <db_name> COLLATE = 'utf8_unicode_ci' CHARACTER SET = 'utf8';

The encoding of the database must be always utf8 with collation utf8_unicode_ci. Currently, only the utf8mb3 format of MariaDB is supported. Some languages are not supported by this format.

if a galera cluster is used, the option log_bin_trust_function_creators="ON" has to be set in the configuration file of the mysql installation because of the use of database triggers in connection with flyway.