Red Hat CERTIFICATE SYSTEM ENTERPRISE - SECURITY GUIDE Manual page 28

Chapter 4. Using the Enterprise Security Client
Since the Enterprise Security Client is based on Mozilla XULRunner, each user has a profile
similar to the user profiles used by Mozilla Firefox or Thunderbird. The Enterprise Security
Client accesses the configuration preferences file. When the Enterprise Security Client caches
information for each token, the information is stored in the user's configuration file. The next
time the Enterprise Security Client is launched, it retrieves the information from the configuration
file instead of contacting the server again.
The Phone Home information is put on the token in one of two ways:
• The preferred method is that the information is burned onto the token at the factory. When the
tokens are ordered from the manufacturer, the company should also supply detailed
information on how the tokens should be configured when shipped.
• If tokens are blank, the company IT department can supply the information when formating
small groups of tokens.
The following information is used by the Phone Home feature for each smart card:
• The TPS server and port. For example:
"esc.key.40900062ff020000ba87.tps.url" =
"http://tps.example.com:12443//nk_service"
• The TPS enrollment interface URL. For example:
"esc.key.40900062ff020000ba87.tps.url" =
"http://tps.example.com:12443/cgi_bin/esc.cgi?"
• The issuing company name or ID. For example:
"esc.key.40900062ff020000ba87.issuer.name" = "Example Corp"
• The Phone Home URL. For example:
"esc.key.40900062ff020000ba87.phone.home.url" =
"http://tps.example.com:12443/phone_home/phone_home.cgi?"
• Optionally, a default browser URL to access when an enrolled smart card is inserted.
"esc.key.40900062ff020000ba87.EnrolledTokenBrowserURL" =
22