Setting Up Cmc Enrollment - Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR:
Table of Contents
Advertisement
ldap.basedn. Specifies the base DN for searching the authentication directory—the
server uses the value of the
enrollment from) and the base DN to construct an LDAP search filter.
ldap.objectclass. Specifies the object class to modify or update in the portal directory.
Permissible values: Must be
ldap.minConns. Specifies the minimum number of connections permitted to the
authentication directory. Permissible values:
ldap.maxConns. Specifies the maximum number of connections permitted to the
authentication directory. Permissible values:
Click OK. The authentication instance is now set up and enabled.
7.
Setting Up CMC Enrollment
Note: The enrollment method described here will return Javascript rather than a CMC
response. This information has been deprecated. See Setting Up a CMC Client (page 115)
for the latest information.
CMC enroll allows you to set up your own enrollment client, sign the certificate request
with your agent certificate, and then send the signed request to the Certificate Manager.
When this method is setup, the Certificate Manager will automatically issue certificates
when a valid request signed with the agent certificate is received.
The CMCAuth authentication plug-in also activates CMC Revoke. CMC Revoke allows
you to set up your own revocation client, sign the certificate request with your agent
certificate, and then send the signed request to the Certificate Manager. When this method
is setup, Certificate Manager will automatically revoke certificates when a valid request
signed with the agent certificate is received.
To set up CMC enroll you do the following:
•
Set any policies for certificate extensions, or for constraints on certificates, see Chapter
12, "Policies" for information about policies. Alternatively, you can enroll users
through the certificate profile functionality setting policies for specific certificates in
the certificate profile, see Chapter 11, "Certificate Profiles" for information about
policies.
•
Set up the
CMCAuth
created and enabled by default. It has no configuration parameters. When the instance
is enabled, CMC enrollment and CMC revocation are both enabled for the server.) See
"Setting Up the PortalEnroll Authentication," on page 383 for details.
field from the HTTP input (what a user enters in the
uid
inetOrgPerson
Authentication plug-in. (An instance of this plug-in module is
for the default portal enrollment form.
to
.
1
3
to
.
3
10
Chapter 10
Automated Enrollment
Authentication
385
Advertisement
Table of Contents
Need help?
Do you have a question about the CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR and is the answer not in the manual?