Step 4. Deploy The New Certificate; Deploying Certificate Manager's Ca Signing Certificate - Netscape MANAGEMENT SYSTEM 6.0 Installation And Setup Manual
Hide thumbs
Also See for NETSCAPE MANAGEMENT SYSTEM 6.0:
- Manual (302 pages) ,
- Installation and migration manual (66 pages) ,
- Administrator's manual (470 pages)
Table of Contents
Advertisement
Getting New Certificates for the Subsystems
Step 4. Deploy the New Certificate
In this step, follow the instructions appropriate for the certificate you installed:
•
If you installed a new CA signing certificate for a Certificate Manager, see
"Deploying Certificate Manager's CA Signing Certificate" on page 470.
•
If you installed a new signing certificate for a Registration Manager, see
"Deploying Registration Manager's Signing Certificate" on page 471.
•
If you installed a new transport certificate for a Data Recovery Manager, see
"Deploying Data Recovery Manager's Transport Certificate" on page 472.
•
If you installed a new SSL server certificate, see "Deploying a Subsystem's SSL
Server Certificate" on page 473.
Deploying Certificate Manager's CA Signing Certificate
If you reissued the Certificate Manager's CA signing certificate with a new key
material, none of the certificates issued by the CA using its old key will work. For
example, if the CA has issued certificates to subordinate Certificate Managers,
Registration Managers, Data Recovery Managers, Online Certificate Status
Manager, and agents, all those certificates will become invalid—the subsystems
will fail to function and agents will fail to access the agent interfaces.
To reinstate your PKI, first you should get an agent certificate from the new CA so
that you can get access to the Certificate Manager's agent interface. Once you have
access to this interface, you will be able to approve new certificate requests from
entities such as Registration Managers, Data Recovery Managers, Online
Certificate Status Managers, and agents.
To request an agent certificate from the new CA:
Go to this directory: <
1.
Open the configuration file,
2.
Locate the
3.
from
cmsGateway.enableAdminEnroll=true
Save your changes and close the file.
4.
Restart the server.
5.
Open a web browser window.
6.
470
Netscape Certificate Management System Installation and Setup Guide • March 2002
server_root>/cert-<instance_id>/config
cmsGateway.enableAdminEnroll
to
. The modified parameter should look like this:
false
true
, in a text editor.
CMS.cfg
parameter and change its value
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN
Need help?
Do you have a question about the NETSCAPE MANAGEMENT SYSTEM 6.0 and is the answer not in the manual?