Configuring The Channels Between The Tps And Tokens - Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual

Hide thumbs Also See for CERTIFICATE SYSTEM 8.0 - ADMINISTRATION:
Table of Contents

Advertisement

Chapter 5. Using and Configuring the Token Management System: TPS, TKS, and Enterprise Security Client
First, the Enterprise Security Client has to have the CA certificate for the CA which issued the TPS's
certificates in order to trust the TPS connection.
1. Open the CA's end user pages in a web browser.
https://server.example.com:9444/ca/ee/ca
2. Click the Retrieval tab at the top.
3. In the left menu, click the Import CA Certificate Chain link.
4. Choose the radio button to download the chain as a file, and remember the location and name of
the downloaded file.
5. Open the Enterprise Security Client. For example:
/usr/lib/esc-1.0.1/esc
6. Click the View Certificates button.
7. Click the Authorities tab.
8. Click Import, and navigate to the CA certificate chain file.
9. When prompted, confirm that you want to trust the CA.
The Enterprise Security Client needs to be configured to communicate with the TPS over SSL; this is
done by setting the Phone Home URL, which is the default URL the Enterprise Security Client uses to
connect to the TPS.
Resetting the Enterprise Security Client's Phone Home URL is described in more detail in Managing
Smart Cards with the Enterprise Security Client.
1. Open the Enterprise Security Client. For example:
/usr/lib/esc-1.0.1/esc
2. Insert a new, blank token into the machine.
Blank tokens are unformatted, so they do not have an existing Phone Home URL, and the URL
must be set manually. Formatted tokens (and tokens can be formatted by the manufacturer or by
your IT department) already have the URL set, and thus do not prompt to set the Phone Home
URL.
3. Fill in the new TPS URL with the SSL port information. For example:
https://server.example.com:7890/cgi-bin/home/index.cgi

5.7.2. Configuring the Channels between the TPS and Tokens

The TPS communicates with a token through the user interface, the Enterprise Security Client. This
channel can be configured for four attributes:
• Its size
156

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the CERTIFICATE SYSTEM 8.0 - ADMINISTRATION and is the answer not in the manual?

Table of Contents