See below for configuring and deploying CA Gateway with the Management Console.

To configure and deploy CA Gateway with the Management Console

1. Open an SSH session in any of the Cryptographic Security Platform nodes.
2. Run the following command. 
   sudo /opt/entrust/ctr -a /run/k3s/containerd/containerd.sock image tag --force docker.io/pkihub/alpine:3.21.3 localhost:30000/pkihub/init-attila:v202503271109

3. Open the following URL in a Web browser. 

   https://<machine>/management-console

   Where <machine> is the IP address or domain name of the machine hosting Cryptographic Security Platform.

4. Log into the Management Console a user belonging to a role with CA Gateway management permissions – for example, the initial admin administrator user. 

   See Starting up the Management Console for how to manage users and roles.

5. In the content pane, click Manage Solution under CA Gateway.
   

1. Activate the Import configuration toggle switch if you want to import configuration settings from a file, such as a sample configuration file included in the product release.
   
2. Click Next.
3. Configure the solution settings described in the following sections. 
   • Logging
   • Server
   • Connector filters
   • Authorities
   • Profiles
   • Tenants
   • Clients
   • Cmpv2
   • TLS CRL-settings

1. Click Validate to validate the configured settings. 
2. Correct any detected configuration error until the Validate option displays no warnings.
3. Optionally, click the Download button to export the current configuration. You can later import this configuration using the already mentioned Import configuration toggle switch.
4. Click Submit and wait while Cryptographic Security Platform uploads the configuration and any attached file, such as a P12 file with authentication credentials.
5. Click Deploy.