Step 7: Customizing User Data (Non-Console) - Red Hat CERTIFICATE SYSTEM 6.0 - MIGRATION GUIDE Manual

Chapter 8. Step 7: Customizing User Data (Non-Console)

Copy all customized plug-ins, profiles, and forms to the Certificate System 7.3 server, and apply any hand-edited changes to the Certificate System 7.3 CS.cfg file.

In this example, the profile configuration in the old_CA_instance has been changed to enable S/MIME support. To migrate the configuration, make the same changes to the new_CA_instance. In Certificate Management System 6.x, S/MIME support is enabled by editing the caTokenUserEncryptionKeyEnrollment profile. Duplicate these changes over to the corresponding new_CA_instance profile.

1. Log into the 6.x server as the Certificate Management System user for that machine, and open the Certificate Management System profiles/ca/ directory.

2. Copy the p1 policy set in the caTokenUserEncryptionKeyEnrollment.cfg file, as shown:

policyset.set1.p1.constraint.class_id=noConstraintImpl
policyset.set1.p1.constraint.name=No Constraint
policyset.set1.p1.default.class_id=nsTokenUserKeySubjectNameDefaultImpl
policyset.set1.p1.default.name=nsTokenUserKeySubjectNameDefault
policyset.set1.p1.default.params.dnpattern=UID=$request.uid$,OU=Engineering,O=Example
policyset.set1.p1.default.params.ldap.enable=true
policyset.set1.p1.default.params.ldap.searchName=uid
policyset.set1.p1.default.params.ldapStringAttributes=uid,mail
policyset.set1.p1.default.params.ldap.basedn=dc=example,dc=com
policyset.set1.p1.default.params.ldap.maxConns=4
policyset.set1.p1.default.params.ldap.minConns=1
policyset.set1.p1.default.params.ldap.ldapconn.Version=2
policyset.set1.p1.default.params.ldap.ldapconn.host=ldaphostA.example.com
policyset.set1.p1.default.params.ldap.ldapconn.port=389
policyset.set1.p1.default.params.ldap.ldapconn.secureConn=false

This configuration enables S/MIME support for services that use this profile to obtain certificates, such as token management systems.

3. Log into the new server as the Certificate System user, and open the Certificate System profiles/ca/ directory.

4. Manually change the configuration in the new_CA_instance configuration to mimic the old_CA_instance configuration by editing the p1 policy set in the caTokenUserEncryptionKeyEnrollment.cfg file, as shown:

policyset.set1.p1.constraint.class_id=noConstraintImpl
policyset.set1.p1.constraint.name=No Constraint
policyset.set1.p1.default.class_id=nsTokenUserKeySubjectNameDefaultImpl
policyset.set1.p1.default.name=nsTokenUserKeySubjectNameDefault
policyset.set1.p1.default.params.dnpattern=UID=$request.uid$,
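Because steps 2 and 4 copy the p1 policy set by hand, a key-by-key comparison of the old and new profile files catches dropped or altered parameters. The script below is an added example, not part of the Red Hat guide; its function names and sample texts are constructed for illustration, and it assumes ldapconn.secureConn=false means the LDAP lookup is not TLS-protected.

```python
PREFIX = "policyset.set1.p1."  # the policy set the procedure copies

def parse_policy_set(text, prefix=PREFIX):
    """Collect key=value lines under prefix from profile .cfg text."""
    params = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")  # split on first '=' only
        key = key.strip()
        if sep and key.startswith(prefix):
            params[key] = value.strip()
    return params

def compare_policy_sets(old_text, new_text, prefix=PREFIX):
    """Report keys the new profile lacks, holds with another value, or adds."""
    old = parse_policy_set(old_text, prefix)
    new = parse_policy_set(new_text, prefix)
    return {
        "missing": sorted(k for k in old if k not in new),
        "changed": sorted(k for k in old if k in new and old[k] != new[k]),
        "extra": sorted(k for k in new if k not in old),
    }

def cleartext_ldap(params):
    """Keys that set ldapconn.secureConn=false (assumed: LDAP without TLS)."""
    return sorted(k for k, v in params.items()
                  if k.endswith(".ldapconn.secureConn") and v.lower() == "false")

# Constructed samples: a subset of the listing above; NEW is a partial copy.
OLD_PROFILE = """\
policyset.set1.p1.constraint.class_id=noConstraintImpl
policyset.set1.p1.default.class_id=nsTokenUserKeySubjectNameDefaultImpl
policyset.set1.p1.default.params.dnpattern=UID=$request.uid$,OU=Engineering,O=Example
policyset.set1.p1.default.params.ldap.enable=true
policyset.set1.p1.default.params.ldap.ldapconn.host=ldaphostA.example.com
policyset.set1.p1.default.params.ldap.ldapconn.port=389
policyset.set1.p1.default.params.ldap.ldapconn.secureConn=false
"""
NEW_PROFILE = """\
policyset.set1.p1.constraint.class_id=noConstraintImpl
policyset.set1.p1.default.class_id=nsTokenUserKeySubjectNameDefaultImpl
policyset.set1.p1.default.params.dnpattern=UID=$request.uid$,
policyset.set1.p1.default.params.ldap.enable=true
"""

if __name__ == "__main__":
    for kind, keys in compare_policy_sets(OLD_PROFILE, NEW_PROFILE).items():
        for key in keys:
            print(f"{kind}: {key}")
    for key in cleartext_ldap(parse_policy_set(OLD_PROFILE)):
        print(f"review before copying: {key}=false")
```

To run it against real instances, read each instance's caTokenUserEncryptionKeyEnrollment.cfg into a string and pass both to compare_policy_sets.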