Table of Contents
Advertisement
How the Tool Works
•
On Unix:
•
On Windows NT:
How PINs Are Stored in the Directory
Each PIN is concatenated with the corresponding user's LDAP attribute named in
the
saltattribute
is used. Then, this string is hashed with the hash routine specified in the hash
argument (the default selection is SHA-1).
Then, one byte is prepended to indicate the hash type used. Here's how the PIN
gets stored:
byte[0] = X
The value of
process:
X=0
X=1
X=45
byte[1...] = hash("DN"+"pin")
The PIN is stored in the directory as a binary value, not as a base-64 encoded value.
Exit Codes
The PIN Generator returns exit codes to the shell window; for a list of codes, see
Table 5-3. If you plan on automating the PIN-generation process, exit codes are
useful in programming shell scripts.
Exit codes returned by the PIN Generator
Table 5-3
Exit code
Description
Indicates that PIN generation was successful; that is, PINs are set for all the DNs in the
0
specified directory.
Indicates that the tool could not open the certificate database specified by the certdb
2
parameter.
Indicates that the tool could not locate the certificate specified by the nickname
3
parameter in the specified certificate database.
54
Netscape Certificate Management System Command-Line Tools Guide • February 2003
\n
\r\n
argument. If this argument is not specified, the DN of the user
depends on the hash algorithm chosen during the PIN generation
X
if the hash algorithm chosen is
if the hash algorithm chosen is
if the hash algorithm chosen is
.
SHA-1
.
MD5
.
none
Advertisement
Table of Contents
Need help?
Do you have a question about the NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE and is the answer not in the manual?
Questions and answers