Enterprise Security Client - Red Hat CERTIFICATE SYSTEM 8 - DEPLOYMENT Deployment Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 8 - DEPLOYMENT:
- Manual (86 pages) ,
- Install manual (132 pages)
Table of Contents
Advertisement
Chapter 2. Overview of Red Hat Certificate System Subsystems
The end-user services are accessed over standard HTTP using the server's hostname and the
standard port number; they can also be accessed over HTTPS using the server's hostname and the
specific end-entities SSL port.
For CAs, each type of SSL certificate is processed through a specific online submission form, called
a profile. There are about two dozen certificate profiles for the CA, covering all sorts of certificates —
user SSL certificates, server SSL certificates, log and file signing certificates, email certificates, and
every kind of subsystem certificate. There can also be custom profiles.
Figure 2.6. Certificate Manager's End-Entities Page
End users retrieve their certificates through the CA pages when the certificates are issued. They can
also download CA chains and CRLs and can revoke or renew their certificates through those pages.
The RA is a more lightweight subsystem, so it only processes four common certificate profiles.
Like the CA, the enrollment forms are accessed through the End Entities URL. Users can submit
certificate requests and retrieve their certificates through the RA.
2.2.4. Enterprise Security Client
The Enterprise Security Client is a tool for Red Hat Certificate System which simplifies managing
smart cards. End users can use security tokens (smart cards) to store user certificates used for
applications such as single sign-on access and client authentication. End users are issued the tokens
containing certificates and keys required for signing, encryption, and other cryptographic functions.
The Enterprise Security Client is the third part of Certificate System's complete token management
system. Two subsystems — the Token Key Service (TKS) and Token Processing System (TPS) —
are used to process token-related operations. The Enterprise Security Client is the interface which
allows the smart card and user to access the token management system.
After a token is enrolled, applications such as Mozilla Firefox and Thunderbird can be configured to
recognize the token and use it for security operations, like client authentication and S/MIME mail.
Enterprise Security Client provides the following capabilities:
38
Advertisement
Table of Contents
Need help?
Do you have a question about the CERTIFICATE SYSTEM 8 - DEPLOYMENT and is the answer not in the manual?
Questions and answers