Setting Up A Trusted Manager - Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR:
Table of Contents
Advertisement
To verify, log in to the CS console for the Certificate Manager.
10.
In the navigation tree, click Users and Groups. The user ID you specified for the new
11.
agent will be listed there.
To view the certificate issued to the new agent, select the user ID and click Certificates.
12.
Setting Up a Trusted Manager
You can set up a trusted manager in two ways. The first is an automated processes that
creates the trusted relationship when the certificate for the subsystem is approved. The
automated processes is not available with the certificate profile enrollment. The second is a
manual process of creating a user ID, assigning the user ID to the Trusted Manager group,
and storing the certificate of the trusted manager.
Setting up Trusted Managers Using the Automated Process
(Not for certificate profile enrollment)
The automated process for setting up a trusted manager is contained in the request-approval
form in the agent services interface of the Certificate Manager allowing an agent, who also
has administrative privileges to this Certificate Manager, to designate a subsystem a trusted
manager when the subsystem gets its certificate. Once the subsystem has been designated a
trusted manager in the certificate request, and the request has been approved, the Certificate
Manager automatically creates a user ID for the subsystem, adds this user ID to the Trusted
Managers group, copies the certificate to the database, and associates the certificate with the
subsystem's user entry.
This automated process can be used to set up trusted managers when either a Certificate
Manager makes its SSL server certificate request to a Certificate Manager that will trust it,
or when a Registration Manager makes its signing certificate request to a Certificate
Manager that will trust it. This automated process cannot be used to establish a trusted
relationship with a Data Recovery Manager; you must set up a trusted relationship with a
Data Recovery Manager manually.
To use the automated process, the following has to happen:
•
The subsystem that will be trusted makes its signing certificate request to the
Certificate Manager.
•
A user who has both administrator and agent privileges with the Certificate Manager
providing trust designated this subsystem as a trusted manager by doing the following:
❍
Selecting "This certificate is for a Trusted Manager" in the request-approval form
for this certificate.
Setting Up a Trusted Manager
Chapter 9
Authorization
321
Advertisement
Table of Contents
