Table of Contents
Advertisement
Note that additional extensions can be set by means of policy modules, which
must be configured by the CMS administrator.
If you want to add extensions other than Netscape certificate type extensions,
6.
you can paste a base-64 encoding of the extension in the "Additional
Extensions" field.
You can use the tools provided for generating extensions to include in CA and
other certificate requests. For details about these tools, check this directory:
<server_root>/bin/cert/tools
The certificate extension text field accepts a single extension blob. If you want
to add multiple extensions, you should use the
also provided in the above directory. For details about this tool, see "Extension
Joiner Tool" in CMS Command-Line Tools Guide.
If you want the certificate to be signed using a signature algorithm other than
7.
the default, choose an alternative from the "Signature algorithm" drop-down
list:
MD5 with RSA and MD2 with RSA generate a 128-bit message digest.
Most existing software applications that handle certificates support only
MD5. This is the default algorithm.
SHA-1 with RSA generates a 160-bit message digest. Before choosing
SHA-1, make sure your applications support it. Netscape Navigator 3.0 (or
later) and Enterprise Server 2.01 (or later) support SHA-1. If your users
have previous versions of these applications, choose MD5 as the signature
algorithm, or upgrade your users to the most recent version of these
applications.
Before selecting an algorithm, check with your CMS administrator to make
sure that Certificate Management System has the algorithm enabled.
Review the unauthenticated request attributes. These attributes were
8.
submitted by the end entity with the enrollment request. Since these attributes
do not come from a trusted source (such as an authentication module in the
CMS server), they are "unauthenticated." Your site policies may or may not
require agents to review or validate any of these attributes.
Review the authenticated attributes. These attributes were generated in the
9.
CMS server by authentication or policy plug-in modules. They are considered
authenticated since they have been validated by or have originated in the CMS
server itself.
If the certificate request is for an SSL client certificate for a CMS manager or a
10.
CMS agent, you should indicate this in the last section, labeled Privileges.
program, which is
ExtJoiner
Chapter 3
Handling Certificate Requests
Approving Requests
47
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - AGENT GUIDE