1. Manuals
  2. Brands
  3. Netscape Manuals
  4. Software
  5. NETSCAPE MANAGEMENT SYSTEM 6.2 -...
  6. Manual

Signing Backup Data Using Cmsutil - Netscape MANAGEMENT SYSTEM 6.2 - COMMAND-LINE Manual

Command-line tools guide
Hide thumbs
Table of Contents

Advertisement

Once you have a successful zip archive, you should secure it. The output directory
is probably accessible to any user on the system, and it may be on the same
physical disk as the server instance itself. You want to make sure the archive is not
accessible to unauthorized users and that you can use the archive if there is a
system hardware failure. Remember, the archive contains a database of private
keys. Although it is not easy to extract a key from the database without the correct
passwords, you do not want anyone to have the opportunity to try.
Move the zip archive to another machine or removable medium. If possible,
encrypt the archive (do not use the private keys stored in your CMS server's
database, since they may not be available when you need to restore the data). If you
copy the archive to removable media such as tape or CD, make sure the copy is
kept in a limited-access, locked area.
CMS backup data files can be optionally signed (and verified) from the
command-line utilizing a separate tool called
<server_root>/bin/cert/tools/cmsutil
data utilizing this tool, see "Signing Backup Data Using cmsutil," on page 67. For
an example of verifying signed backup data utilizing this tool, see "Verifying
Signed Backup Data using cmsutil," on page 69.
Optionally, CMS backup data files can be manually encrypted using some
operating system specific utility; encrypted files must be manually decrypted using
the same operating system specific utility prior to attempting data recovery

Signing Backup Data Using cmsutil

The following provides an example of using the tool called
<server_root>/bin/cert/tools/cmsutil
subsystem instance on a UNIX system:
Generating an EMAIL Signing User Certificate:
1.
Sign the Backup Data
2.
Using the browser, issue a request for a user certificate.
Using the browser, approve the request for this user certificate.
Import this user certificate into the browser.
Export this user certificate out of the browser into a Public Key
Cryptography Standard (PKCS) #12 file.
Move this file to the
<server_root>/alias
Signing Backup Data Using cmsutil
. For an example of signing backup
to sign backup data for a specific CMS
directory.
Chapter 7
Backing Up and Restoring Data
67

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE

Related Content for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE

This manual is also suitable for:

Certificate management system 6.2

Table of Contents