For Netscape Certificate Management System (CMS) to use the authentication
plug-in module named
contain unique PINs for each end entity to whom you intend to issue a certificate.
To aid you in generating PINs for end-entity entries in a directory, Certificate
Management System provides a command-line tool called the PIN Generator. This
tool allows you to generate unique PINs for entries in an LDAP-compliant user
directory. The tool stores these PINs (as hashed values) in the same directory
against the corresponding user entries, and it copies the PINs to a text file, from
which you can deliver the PINs to end entities by an appropriate, secure means.
This chapter explains how to use the PIN Generator. The chapter has the following
sections:
•
"Locating the PIN Generator Tool," on page 43
•
"The setpin Command," on page 44
•
"How the Tool Works," on page 49
Locating the PIN Generator Tool
You can find the PIN Generator at this location:
<server_root>/bin/cert/tools/setpin.exe
PIN Generator Tool
your authentication directory must
UidPwdPinDirAuth
Chapter 5
43