Configuring Publishing To An Ldap Directory - Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 8.0 - ADMINISTRATION:
- Using manual (48 pages) ,
- Agents manual (146 pages) ,
- Manual (124 pages)
Table of Contents
Advertisement
Figure 8.5. Publisher Editor Window
The host can be the fully-qualified domain name or an IPv4 or IPv6 address.
5. Set the publisher ID, an alphanumeric string with no spaces like PublishCertsToOCSP; the fully-
qualified domain name, such as ocspResponder.example.com, and port number of the Online
Certificate Status Manager; and the default path, /ocsp/ee/ocsp/addCRL.
After configuring the publisher, configure the rules for the published certificates and CRLs, as
Section 8.2.4, "Creating
described in
8.2.3. Configuring Publishing to an LDAP Directory
Configuring LDAP publishing is similar to other publishing procedures, with additional steps to
configure the directory:
1. Configure the Directory Server to which certificates will be published. Certain attributes have to be
added to entries and bind identities and authentication methods have to be configured.
2. Configure a publisher for each type of object published: CA certificates, cross-pair certificates,
CRLs, and user certificates. The publisher declares in which attribute to store the object. The
attributes set by default are the X.500 standard attributes for storing each object type. This
attribute can be changed in the publisher, but, generally, it's not necessary to change the LDAP
publishers.
3. Set up mappers to enable an entry's DN to be derived from the certificate's subject name.
This generally does not need set for CA certificates, CRLs, and user certificates. There can be
Configuring Publishing to an LDAP Directory
Rules".
211
Advertisement
Table of Contents
Need help?
Do you have a question about the CERTIFICATE SYSTEM 8.0 - ADMINISTRATION and is the answer not in the manual?