Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual page 355


14.3.2.2. Changing a Certificate System User's Certificate
1. Log into the administrative console.
2. Select Users and Groups.
3. Select the user to edit from the list of user IDs, and click Certificates.
4. Click Import to add the new certificate.
5. In the Import Certificate window, paste the new certificate in the text area. Include the
-----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- marker lines.
14.3.2.3. Renewing Administrator and Agent Certificates
There are two methods of renewing a certificate. Regenerating the certificate takes its original key and
its original profile and request, and recreates an identical key with a new validity period and expiration
date. Re-keying a certificate resubmits the initial certificate request to the original profile, but generates
a new key pair. Administrator certificates can be renewed by being re-keyed.
Each subsystem has a default administrative user that was created at the time the subsystem was
created. A new certificate can be requested for this user when their original one expires, using one of
the default renewal profiles.
Certificates for administrative users can be renewed directly in the end user enrollment forms, using
the serial number of the original certificate.
1. Renew the admin user certificates in the CA's end users forms, as described in
Section 4.7.3.1.2, "Certificate-Based Renewal". This must be the same CA as first issued the
certificate (or a clone of it).
Agent certificates can be renewed by using the certificate-based renewal form in the end entities
page, Self-renew user SSL client certificate. This form recognizes and updates the certificate
stored in the browser's certificate store directly.
TIP
It is also possible to renew the certificate using certutil, as described in
Section 4.7.3.2, "Renewing Certificates Using certutil". Rather than using the
certificate stored in a browser to initiate renewal, certutil uses an input file with the
original key.
2. Import the renewed user certificate into the subsystem's security database. For example:
certutil -A -n "CA Administrator of Instance pki-ca" -t u,u,u -d /var/lib/pki-ca/alias -a -i /tmp/example.cert
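A pre-import check for step 2, as an added example that is not part of the Red Hat manual: it refuses a file whose BEGIN/END marker lines were lost or damaged in copying, then runs the import shown above and lists the entry so the new validity dates can be read. The function names check_pem and import_renewed_cert are hypothetical, the sample data is constructed, and the check assumes the file holds only the one certificate with no surrounding text.

```shell
#!/bin/sh
# Added example, not from the manual. check_pem and import_renewed_cert are
# hypothetical helper names; the certutil -A options are the ones shown above.

# check_pem FILE: succeed only if FILE is exactly one PEM certificate block:
# BEGIN marker line, base64 body, END marker line, nothing else but blank lines.
check_pem() {
    awk '
        { sub(/\r$/, "") }                        # tolerate CRLF from copy and paste
        $0 == "-----BEGIN CERTIFICATE-----" { if (state != 0) bad = 1; state = 1; next }
        $0 == "-----END CERTIFICATE-----"   { if (state != 1 || !body) bad = 1; state = 2; next }
        /^[ \t]*$/                          { next }
        state == 1 && $0 ~ "^[A-Za-z0-9+/=]+$" { body++; next }
        { bad = 1 }                               # stray text or a damaged marker
        END { if (bad || state != 2) exit 1 }
    ' "$1"
}

# import_renewed_cert FILE NICKNAME DBDIR: import FILE into the NSS database in
# DBDIR under NICKNAME, then print the stored entry for review.
import_renewed_cert() {
    check_pem "$1" || {
        echo "refusing to import: $1 is not a single PEM certificate" >&2
        return 1
    }
    certutil -A -n "$2" -t u,u,u -d "$3" -a -i "$1" || return 1
    certutil -L -n "$2" -d "$3"
}

# Constructed sample: a paste that lost its END marker line.
sample=$(mktemp)
printf '%s\n' '-----BEGIN CERTIFICATE-----' 'Q09OU1RSVUNURUQ=' > "$sample"
check_pem "$sample" || echo "sample rejected: marker lines incomplete"
rm -f "$sample"

# Usage with the manual's values (run on the subsystem host):
# import_renewed_cert /tmp/example.cert "CA Administrator of Instance pki-ca" /var/lib/pki-ca/alias
```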
14.3.2.4. Deleting a Certificate System User
Users can be deleted from the internal database. Deleting a user from the internal database deletes
that user from all groups to which the user belongs. To remove the user from specific groups, modify
the group membership.
Delete a privileged user from the internal database by doing the following: