Netscape MANAGEMENT SYSTEM 6.0 Installation And Setup Manual page 424
Hide thumbs
Also See for NETSCAPE MANAGEMENT SYSTEM 6.0:
- Manual (302 pages) ,
- Installation and migration manual (66 pages) ,
- Administrator's manual (470 pages)
Table of Contents
Advertisement
Keys and Certificates for the Main Subsystems
f.
g.
h.
i.
After you've installed the certificate successfully, go to the Tasks tab and stop
2.
the Certificate Manager.
Update the Certificate Manager's configuration to recognize the new key pair
3.
and certificate.
a.
b.
c.
d.
424
Netscape Certificate Management System Installation and Setup Guide • March 2002
Once you have the certificate request ready, submit it to the Certificate
Manager so that it can issue a certificate—in the request submission screen
of the wizard, use the auto-submission feature by entering the Certificate
Manager's hostname and port number so that the request gets added to the
Certificate Manager's agent queue. For general instructions to use the
wizard to request a certificate, see section "Using the Wizard to Request a
Certificate" on page 437.
Log in to the Agent Services interface, check the request for required
extensions. For example, the CRL signing certificate must contain the Key
Usage extension with the
Manager's policy is configured to add the Key Usage extension with
correct bits to the CRL signing certificate; see the policy rule named
CRLSignCertKeyUsageExt
Approve the request.
Once you have the CRL signing certificate ready, restart the wizard and
install the certificate in the Certificate Manager's database. For general
instructions to use the wizard to add a certificate, see "Using the Wizard to
Install a Certificate or Certificate Chain" on page 452.
In the Certificate Manager host machine, go to this directory:
<server_root>/cert-<instance_id>/config
Open the configuration file (
Add the following lines to the configuration file:
ca.crl_signing.cacertnickname=<nickname> cert-<instance_id>
ca.crl_signing.defaultSigningAlgorithm=<signing_algorithm>
ca.crl_signing.tokenname=<token_name>
Edit the lines as below. Replace
with the name assigned to the CRL signing certificate.
<nickname>
with the name assigned to the Certificate Manager
<instance_id>
instance.
<signing_algorithm>
the key type is RSA, or
bit set. (By default, the Certificate
crlSigning
, which is an instance of
) in a text editor.
CMS.cfg
with
,
MD5withRSA
MD2withRSA
, if the key type is DSA.
SHA1withDSA
plug-in.)
KeyUsageExt
, or
, if
SHA1withRSA
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN