Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual page 365

https://server.example.com:12889/services
3. Click the Administrator Services link.
4. Click the New User link.
5. Fill in the user ID, full name, and email address of the user, and paste in the base 64-encoded
certificate requested in the first step (including the ----BEGIN CERTIFICATE----- and ----
END CERTIFICATE----- lines).
6. Click the Add New User link at the bottom of the form.
7. Once the user is created, add him as a member to the appropriate group so that the user can
perform any RA agent or administrator functions. Adding members to groups is covered in
Section 14.4.1.3, "Adding and Removing Users in an RA
14.4.2.3. Generating Agent Certificates for RA Agents
RA agents must have a client certificate that allows them to authenticate to the RA subsystem
(meaning accessing the RA agent and administrator services pages). Any SSL client certificate can be
used, as long as it is added to the RA's LDAP database, but it is easier to use the default enrollment
process in the RA services page.
1. Request a one-time PIN to use as a certificate request.
a. Click SSL End Users Services to open the request submission page.
b. Click Agent Enrollment.
Managing RA Users
Group".
343