Configuring Publishers; Configuring Publishers For Publishing To A File - Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION Administration Manual

rule which it matches is activated. The same certificate can be published to a file and to an LDAP
directory by matching a file-based rule and matching a directory-based rule.
Rules can be set for each object type: CA certificates, CRLs, user certificates, and cross-pair
certificates. There can be different rules for different kinds of certificates or different kinds of CRLs.
The rule first determines if the object meets the criteria by matching the type and predicate
set in the rule. The destination of matching objects is determined by the publisher and mapper
associated with the rule.
For details about setting rules, see
CRLs".
5. Configure CRLs. CRLs must be configured before they can be published. See
Revocation and CRLs.
6. Enable publishing after setting up publishers, mappers, and rules. Once publishing is enabled,
the server starts publishing immediately. If the publishers, mappers, and rules are not completely
configured, publishing may not work correctly or at all.
Section 15.6, "Enabling
For details, see

15.3. Configuring Publishers

Publishers specify the location where a particular object is published. There can be a single publisher
to publish everything to a single location or multiple publishers for multiple destinations. When
publishing to a file, a publisher sets the directory where the files are published. For OCSP publishing,
a publisher specifies a particular Online Certificate Status Manager to which to publish a CRL.
For LDAP publishing, a publisher specifies a particular attribute in the LDAP entry that stores the
published file.

15.3.1. Configuring Publishers for Publishing to a File

Publishers must be created and configured for each publishing location; publishers are not
automatically created for publishing to a file. To publish all files to a single location, create one
publisher. To publish to different locations, create a publisher for each location. A location can either
contain an object type, like user certificates, or a subset of an object type, like West Coast user
certificates.
To create publishers for publishing to files, do the following:
1. Log into the Certificate Manager Console.
pkiconsole https://server.example.com:9443/ca
2. In the Configuration tab, select Certificate Manager from the navigation tree on the left. Select
Publishing, and then Publishers.
The Publishers Management tab, which lists configured publisher instances, opens on the right.
Section 15.5.1, "Modifying Publishing Rules for Certificates and
Publishing".
Configuring Publishers
Chapter 14,
341