End User - Red Hat CERTIFICATE SYSTEM 8 - DEPLOYMENT Deployment Manual

Figure 2.5. Certificate Manager's Agent Services Page
The operations vary depending on the subsystem:
• The Certificate Manager agent services include approving certificate requests (which issues the
certificates), revoking certificates, and publishing certificates and CRLs. All certificates issued by the
CA can be managed through its agent services page.
• The TPS agent services, like the CA agent services, manages all of the tokens which have been
formatted and have had certificates issued to them through the TPS. Tokens can be enrolled,
suspended, and deleted by agents. Two other roles (operator and admin) can view tokens in web
services pages, but cannot perform any actions on the tokens.
• DRM agent services pages process key recovery requests, which set whether to allow a certificate
to be issued reusing an existing key pair if the certificate is lost.
• The OCSP agent services page allows agents to configure CAs which publish CRLs to the OCSP, to
load CRLs to the OCSP manually, and to view the state of client OCSP requests.
• The RA agent services allows agents to list and approve certificate requests and to check the status
of requests and certificates processed through the RA.
The TKS is the only subsystem without an agent services page.
2.2.3. End User Pages
The CA, RA, and TPS all process direct user requests in some way. That means that end users have
to have a way to connect with those subsystems. The CA and RA both have end-user, or end-entities,
HTML services. The TPS uses the Enterprise Security Client.
End User Pages
37