Ssl Server Key Pair And Certificate; Online Certificate Status Manager's Key Pairs And Certificates; Ocsp Signing Key Pair And Certificate - Netscape MANAGEMENT SYSTEM 6.0 Installation And Setup Manual
Hide thumbs
Also See for NETSCAPE MANAGEMENT SYSTEM 6.0:
- Manual (302 pages) ,
- Installation and migration manual (66 pages) ,
- Administrator's manual (470 pages)
Table of Contents
Advertisement
SSL Server Key Pair and Certificate
Every Data Recovery Manager you have installed has at least one SSL server
certificate. The first time you generated this certificate is when you installed the
Data Recovery Manager. The default nickname for the certificate is
Server-Cert cert-<instance_id>
instance in which the Data Recovery Manager is installed.
The Data Recovery Manager's SSL server certificate was issued by the CA to which
you submitted the certificate signing request. You might have submitted the
request to the Certificate Manager that is installed in the same instance, an
internally deployed CA, or a public CA. To find out the issuer name, follow the
instructions in "Viewing the Certificate Database Content" on page 482.
The Data Recovery Manager uses its SSL server certificate to do SSL server-side
authentication to the following:
•
The end entity services interface (the HTTPS port)
•
The Data Recovery Manager Agent Services interface
By default, the Data Recovery Manager uses a single SSL server certificate for
authentication purposes. However, you can request and install additional SSL
server certificates for the Data Recovery Manager. For example, you can configure
the Data Recovery Manager to use separate server certificates for authenticating to
Netscape Console, the end entity services interface, and the Data Recovery
Manager Agent Services interface. For instructions, see "Configuring the Server to
Use Separate SSL Server Certificates" on page 459.
Online Certificate Status Manager's Key Pairs
and Certificates
The Online Certificate Status Manager uses the following certificates:
•
OCSP Signing Key Pair and Certificate
•
SSL Server Key Pair and Certificate
OCSP Signing Key Pair and Certificate
Every Online Certificate Status Manager you have installed has a certificate,
identified as the Online Certificate Status Manager signing certificate, whose public
key corresponds to the private key the Online Certificate Status Manager uses to
sign OCSP responses before sending them to OCSP-compliant clients. The Online
Certificate Status Manager's signature provides persistent proof to an
Keys and Certificates for the Main Subsystems
, where
<instance_id>
Chapter 14
Managing CMS Keys and Certificates
identifies the CMS
429
Advertisement
Table of Contents
