Step B. Set The Crl Extensions - Netscape MANAGEMENT SYSTEM 4.5 Installation And Setup Manual
Hide thumbs
Also See for NETSCAPE MANAGEMENT SYSTEM 4.5:
Table of Contents
Advertisement
Allow extensions. Check this box if you want to allow extensions in the CRL. If
you enable this option, the server generates and publishes CRLs conforming to
X.509 version 2 standard. If you disable this option, the server generates and
publishes CRLs conforming to X.509 version 1 standard. By default, the server
publishes version 1 CRLs. If you enable this option, be sure to set the required
CRL extensions as described in "Step B. Set the CRL Extensions" on page 651.
Revocation list signing algorithm. Select the algorithm the server should use
to sign the CRL. If the Certificate Manager's signing key type is RSA, select
,
with RSA
MD5 with RSA
signing key type is DSA, select
To save your changes, click Save.
5.
If the changes you made require you to restart the server, you are prompted
accordingly. However, don't restart the server yet; you can restart it after
you've made all the required changes.
Step B. Set the CRL Extensions
Complete this step only if you configured the Certificate Manager to publish
version 2 CRLs—that is, you selected the "Allow extensions" option in "Step A.
Specify CRL Details" on page 649.
During installation, the Certificate Manager creates default CRL extension rules;
these are documented in CMS Plug-ins Guide. Note that the server is configured to
add the CRL Reason extension only; all the other rules are in the disabled state. In
this step, you modify the default CRL extension rules to add the required CRL
extensions.
Configuring a Certificate Manager to Publish Certificates and CRLs
, or
SHA-1 with RSA
SHA-1 with DSA
Chapter 19
. If the Certificate Manager's
.
Setting Up LDAP Publishing
MD2
651
Advertisement
Table of Contents
