Viewing Certificates And Crls Published To File; Configuring The Directory For Ldap Publishing; Schema - Red Hat CERTIFICATE SYSTEM 7.2 - ADMINISTRATION Administration Manual

PrettyPrintCrl input_file [output_file]
13. Compare the output.

14.8. Viewing Certificates and CRLs Published to File

Certificates and CRLs can be published to two types of files: base-64 encoded or DER-encoded. The
content of these files can be viewed by converting the files to pretty-print format using the dumpasn1
tool or the PrettyPrintCert or PrettyPrintCRL tool.
To view the content in a base-64 encoded file, do the following:
1. Convert the base-64 file to binary. For example:
AtoB /tmp/example.b64 /tmp/example.bin
2. Use the PrettyPrintCert or PrettyPrintCRL tool to convert the binary file to pretty-print
format. For example:
PrettyPrintCert example.bin example.cert
Alternatively, the dumpasn1 can be used to convert a binary certificate or CRL to pretty-print
format. The dumpasn1 tool can be downloaded at
repoview/dumpasn1-0-20050404-1.fc4.html.
To view the content of a DER-encoded file, simply run the dumpasn1, PrettyPrintCert, or
PrettyPrintCRL tool with the DER-encoded file. For example:
PrettyPrintCRL example.der example.crl

14.9. Configuring the Directory for LDAP Publishing

Before certificates and CRLs can be published, the Directory Server must be configured to work with
the publishing system.
Section 14.9.1, "Schema"
•
Section 14.9.2, "Entry for the CA"
•
Section 14.9.3, "Bind DN"
•
Section 14.9.4, "Directory Authentication Method"
•

14.9.1. Schema

For a Certificate Manager to publish certificates and CRLs to a directory, it must be configured with
specific attributes and object classes. This section discusses those basic schema requirements.
Viewing Certificates and CRLs Published to File
http://fedoraproject.org/extras/4/i386/repodata/
325