Configuring Port Numbers364 Netscape Certificate Management System Installation and Setup Guide • March 2002Similarly, for issuing certificates to routers (using the CEP protocol), theport must be enabled. For details, see Chapter 25, “Setting Up CEPEnrollment.”m To change the end-entity HTTPS port, locate this line and edit the valueassigned to port: id="eeSSL" ip="0.0.0.0" port="443" security="on"acceptorthreads="1" blocking="no">Certificate Management System uses this port for SSL-enabledcommunications with the end entity services interface—that is, HTTPSrequests from end entities during certificate enrollment, renewal, andrevocation.If you don’t want end-entity interaction with a subsystem, for example, ifyou don’t want end entities to interact with a Certificate Manager, you candisable this port too (in addition to the HTTP port).4. Save your changes.Step 2: Specify IP AddressesThis step is optional.You can configure CMS instances to listen to specific IP addresses. For example,you can install the Certificate Manager and Data Recovery Manager on a singlehost, in separate instances, and then configure the instances so that the CertificateManager is served on one IP address and the Data Recovery Manager is served onanother address.To clarify this further, consider the machine that hosts the Certificate Manager andData Recovery Manager has two Ethernet cards that respond to the IP addresses197.1.137.97 and 197.1.137.98. You can set up the Certificate Manager to listento port 443 for the IP address 197.1.137.97 and the Data Recovery Manager tolisten to port 443 for the IP address 197.1.137.98.To configure a CMS instance to listen to specific IP addresses:1. In the server.xml file, locate the lines specified in Step 1 above.2. Edit the value assigned to ip.3. Save your changes and close the file.4. Restart the CMS instance; see “Restarting Certificate Management System” onpage 312.