Data storage

You can configure a data storage in Microsoft SQL or PostgreSQL.

To configure a data storage for Axidian CertiFlow:

1. Create a database.
2. Create a service account.
3. Populate the database with a script from the Axidian CertiFlow installation package.

Microsoft SQL

1. Create a database in SQL Server Management Studio.
   1. In the Object Explorer pane, right-click Databases and select New Database.
   2. Enter a database name and click OK.
2. Use a local SQL service account or an Active Directory service account and grant it the required permissions to manage the database. This service account is used to perform read and write operations in the database.
   1. In the Object Explorer pane, expand the Security section.
   2. Right-click the Logins folder and select the service account from the context menu.
   3. Go to the User Mapping tab and configure the account permissions.
   4. In the Database role membership for section, select the check boxes next to the db_owner and public permissions.
3. Populate the database.
   1. Go to the File menu and click Open.
   2. Select File..., specify the catalog path to the Storage.sql file (\AxidianCertiflow.WindowsServer\Misc) and click Open.
   3. Before running the script, uncomment --USE[<database name>]--GO and specify the name of the database or select it from the list.
   4. Click Execute.

PostgreSQL

1. Create a database in pgAdmin.
   1. Open pgAdmin and connect to the server.
   2. In the Browser section, right-click Databases and select Create → Database....
   3. On the General tab, specify the database name in the Database field, select the service account from the Owner list, and click Save.
2. Create a service account.
   1. In the Browser section, right-click the Login/Group Roles menu item.
   2. Select Create → Login/Group Role....
   3. On the General tab, specify a service account name in the Name field.
   4. On the Definition tab, specify the password in the Password field. Make sure the Account Expires field has the No Expiry value.
   5. On the Privileges tab, enable the Can Login? parameter and click Save.
3. Populate the database. Select the created database in the Browser section, execute the Storage-Postgre.sql script and grant the service account the required permissions.
   1. Select Tools → Query Tool.
   2. Click and specify the catalog path to the Storage-Postgre.sql file (\AxidianCertiflow.WindowsServer\Misc). Click Select.
   3. Click Execute/Refresh.
   4. Click and select Clear Query.
   5. Enter the query text with the service account name:

   GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "service account name";
   1. Click Execute/Refresh .

Configure a remote connection to the database

1. Open the pg_hba.conf configuration file.

   pg_hba.conf file location

   Windows OS: C:\Program Files\PostgreSQL<version number>\data
   Linux OS: /etc/postgresql/<version number>/main.

2. Add a string in the following format:

   CONNECTIONTYPE DATABASE USER ADDRESS METHOD
   • CONNECTIONTYPE – the name of the connection type. Specify host to use TCP/IP connection.
   • DATABASE – the name of the database.
   • USER – name of the user who accesses the database.
   • ADDRESS – the IP address of the remote Axidian CertiFlow server.
   • METHOD – the user authentication method.

   host AxidianStorage servicepg 192.200.1.0/24 md5