Managing Certificates And The Certificate Database - Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual

Hide thumbs Also See for CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR:
Table of Contents

Advertisement

Configuring a Registration Manager
Default ACL Configuration
The configuration set up for the Certificate Manager gives the following privileges to
members of the following groups:
Members of the Administrator group can perform any operations in the administrative
interface including viewing configuration settings, changing configuration settings,
adding or deleting plug-ins, creating or deleting instances or plug-ins, and viewing all
logs except for the signed audit log—if you have the signed audit feature set up.
Administrators do not have access to the agent services interface or any task performed
there.
Members of the Auditor group can view the signed audit log, and can view
configuration settings, but cannot perform any other operations on configuration
settings and do not have access to the agent services interface.
Members of the Registration Manager Agent group can view configuration settings in
the administrative interface, but cannot perform any other operations on the
configuration settings. They can perform all operations for all tasks associated with the
agent services interface. They are allowed to communicate with the RA via the agent
services port.
Members of the Trusted Manager group are allowed to communicate with the
Certificate Manager.

Managing Certificates and the Certificate Database

The signing certificate and SSL encryption certificate are created and installed during the
installation of the Registration Manager. See "Registration Managers Certificates," on page
129 for more information about these certificates and the things you should consider before
getting these certificates.
CS contains a Certificate Wizard that allows you to create additional certificates, or to
renew or replace a certificate for the Registration Manager. See "Certificate Setup Wizard,"
on page 289 for details of using the wizard and about renewing or replacing a subsystem
certificate.
Trust Settings and CA Certificates
The trusted database also contains the CA certificates for those CAs that the subsystem
trusts. If your subsystem has certificates from a CA or accepts certificates that are issued by
a CA, it must have a copy of those CA certificates in the trusted database, and they must be
configured as trusted, see "Changing the Trust Settings of a CA Certificate," on page 286
and "Installing a New CA Certificate in the Certificate Database," on page 288.
146
Red Hat Certificate System Administrator's Guide • September 2005

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR and is the answer not in the manual?

This manual is also suitable for:

Certificate system 7.1 - adminsistrator

Table of Contents