Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual page 132
Hide thumbs
Also See for CERTIFICATE SYSTEM 8.0 - ADMINISTRATION:
- Using manual (48 pages) ,
- Agents manual (146 pages) ,
- Manual (124 pages)
Table of Contents
Advertisement
Chapter 4. Requesting, Enrolling, and Managing Certificates
4.6.3.1. Auto Enrollment Proxy Registry Settings
The Auto Enrollment Proxy stores its configuration settings in the Windows registry, underneath the
following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Red Hat\RHCSProxy\Config
This entry defines the basic behaviors of the proxy service.
Name
RequestType
LogOptions
AuthenticationCertificate
CACertificate
RetryInterval
Table 4.3. Auto Enrollment Proxy Registry Settings
4.6.3.2. Listing and Adding CAs in the Windows Domain
All of the CAs configured for enrollment services for a domain are listed in Active directory in the
CN=Enrollment Services,CN=Public Key Services subtree. This subtree can be queried to
show what Certificate Managers are configured for the proxy and what certificate templates and other
settings they have available. For example:
dsquery * "CN=Example RHCS CA,CN=Enrollment Services,CN=Public Key
Services,CN=Services,CN=Configuration,DC=server,DC=example,DC=com" -scope base -attr *
The actual configuration for the Certificate Manager is defined in the registry entries for the proxy
service. All proxy CAs are listed in the registry under the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Red Hat\RHCSProxy\Config\CertificateAuthorities
Each configured CA is then a subkey under the main entry.
[HKEY_LOCAL_MACHINE\SOFTWARE\Red Hat\RHCSProxy\Config\CertificateAuthorities\1]
"hostname"="ca.example.com" "port"="9444" "catype"="3"
New CAs can be added by directly editing the registry entry and adding a new CA or by opening the
proxy configuration console and adding a new entry there.
110
Description
The type of certificate request
to send to the CA. The only
supported value is PKCS10.
An decimal integer representing
a bitmask of all the selected log
options.
A hash of the chosen
certificate to use for SSL client
authentication to the CA.
A binary value, for the DER
encoded binary CA certificate.
The number of seconds to wait
before trying to use a CA which
was previously failing.
Example
PKCS10
503
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
Related Products for Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
- Red Hat CERTIFICATE 7.2 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE
- Red Hat CERTIFICATE SYSTEM 7.1 - ADMINSISTRATOR
- Red Hat CERTIFICATE 7.3 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 8 - DEPLOYMENT
- Red Hat CERTIFICATE SYSTEM 8 - AGENTS GUIDE
- Red Hat CERTIFICATE 8.0 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM ENTERPRISE - SECURITY GUIDE
- Red Hat CLUSTER SUITE - CONFIGURING AND MANAGING A CLUSTER 2006
- Red Hat CLUSTER MANAGER - INSTALLATION AND
- Red Hat Cluster Suite
- Red Hat Application Server
- Red Hat APPLICATION SERVER - JONAS
- Red Hat APPLICATION STACK 1.1 RELEASE
- Red Hat APPLICATION STACK 1.2 RELEASE
- Red Hat APPLICATION STACK 1.3 RELEASE
Need help?
Do you have a question about the CERTIFICATE SYSTEM 8.0 - ADMINISTRATION and is the answer not in the manual?