change the privileges of a user, group, or IP address. You can also create new groups and
assign privileges to those groups by adding ACI entries for that group in the ACLs. For
complete details about creating users, assigning users to groups, creating groups, and
changing ACIs and ACLs, see Chapter 9, "Authorization."
Default ACL Configuration
The configuration set up for the Certificate Manager gives the following privileges to
members of the following groups:
• Members of the Administrator group can perform any operations in the administrative
interface including viewing configuration settings, changing configuration settings,
adding or deleting plug-ins, creating or deleting instances or plug-ins, and viewing all
logs except for the signed audit log, if you have the signed audit feature set up.
Administrators do not have access to the agent services interface or any task performed
there.
• Members of the Auditor group can view the signed audit log, and can view
configuration settings, but cannot perform any other operations on configuration
settings and do not have access to the agent services interface.
• Members of the Certificate Manager Agent group can view configuration settings in
the administrative interface, but cannot perform any other operations on the
configuration settings. They can perform all operations for all tasks associated with the
agent services interface. They are allowed to communicate with the CA via the agent
services port.
• Members of the Trusted Manager group are allowed to communicate with the
Certificate Manager.
Managing Certificates and the Certificate Database
The CA signing certificate, SSL encryption certificate, and OCSP signing certificate are
created and installed during the installation of the Certificate Manager. See "Certificate
Manager Certificates," on page 79 for more information about these certificates and the
things you should consider before getting these certificates.
CS contains a Certificate Wizard that allows you to create additional certificates, or to
renew or replace a certificate for the Certificate Manager. See "Certificate Setup Wizard,"
on page 289 for details of using the wizard and about renewing or replacing a subsystem
certificate.
Configuring the Certificate Manager