Setting Up The Server For Multiple Requests In A Full Cmc Request - Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual

Click OK. The authentication instance is now set up and enabled.
f.
3. Use the CMCEnroll utility to sign certificate requests with the agent certificate.
This utility has the following syntax:
CMCEnroll -d /certificate/directory -h password
-n cert_nickname -r certrequest.file -p certDB_passwd [-c]
Parameter Description
The location of the directory containing the cert8.db, key3.db, and secmod.db files assoc
d
agent certificate.
Password to the database specified in the d option.
h
The common name of the certificate.
n
The filename of the certificate request.
r
The password to the browser certificate database.
p
Optional. Includes a comment about the request.
c
Table 9.1. CMCEnroll Usage Options
NOTE
Surround values that include spaces in quotation marks.
9.3.1. Setting up the Server for Multiple Requests in a Full CMC
Request
CMC supports multiple CRMF or PKCS #10 requests in a single full CMC request. If the
numRequests parameter in the .cfg file is larger than 1, modify the server's certificate profile by
doing the following:
1. By default, the servlet processing a full CMC request uses the caFullCMCUserCert profile. This
profile only handles a single request.
2. To use the new profile instead of the default, modify the web.xml file in the /var/lib/pki-
ca/webapps/WEB-INF/ directory. Locate the servlet which processes the full CMC request; by
default, this is /ca/profileSubmitCMCFull. Change the value for the profileID parameter
to the name of the new profiles.
NOTE
To modify the profile for the end-user services, edit the profiles in the /var/lib/
pki-ca/webapps directory. If the services are not separated, edit the profiles in the
/var/lib/pki-ca/webapps (agent services) directory.
For information on creating a new profile, see

Setting up the Server for Multiple Requests in a Full CMC Request

Chapter 2, Making Rules for Issuing Certificates.
245