Netscape MANAGEMENT SYSTEM 6.01 Installation And Setup Manual page 35
Hide thumbs
Also See for NETSCAPE MANAGEMENT SYSTEM 6.01:
- Configuration manual (282 pages) ,
- Reference (162 pages) ,
- Installation manual (106 pages)
Table of Contents
Advertisement
•
Publishes CRLs to an online validation authority (or OCSP responder),
enabling real-time verification of certificates by OCSP-compliant clients. For
more information, see Chapter 21, "Setting Up an OCSP Responder."
Separate subsystems for certificate and key operations
Certificate Management System includes four servers, the Certificate Manager,
Registration Manager, Data Recovery Manager, and Online Certificate Status Manager.
•
The Certificate Manager functions as the certificate authority (CA); it is the
entity named in the issuer field of a certificate. The Certificate Manager can
sign and revoke certificates and generate CRLs. It can accept certificate
requests directly from end entities and via Registration Managers to which it
has delegated certain certificate management functions, such as authentication
of an end entity. The Certificate Manager also maintains a database of issued
certificates so that it can track renewal, expiration, and revocation.
•
The Registration Manager is an optional component in the PKI; it is a
subordinate server to which a Certificate Manager can delegate some
certificate management functions. For example, a Registration Manager may
act as a front end to a Certificate Manager, performing tasks such as end-entity
authentication and formulation of the certificate request for the Certificate
Manager.
•
The Data Recovery Manager is an optional component in the PKI. It provides
key archival and recovery services for end users' encryption private keys.
•
The Online Certificate Status Manager is an optional, but important
component in the PKI. It enables real-time verification of certificates issued by
one or more Certificate Managers.
For an overview of these subsystems, see "CMS Subsystems or Managers" on
page 44.
Single CA supports multiple registration authorities
Certificate Management System lets you separate the registration process from the
certificate-signing process with the help of Registration Managers. You can run
multiple Registration Managers remotely, all reporting to a single Certificate
Manager, to verify user identities and process certificate signing requests. The
remote Registration Managers forward their completed and approved requests to
the Certificate Manager for it to sign and issue the certificate automatically.
Chapter 1
Introduction to Certificate Management System
Overview of Key Features
35
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.01
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.01
- Netscape NETSCAPE CONSOLE 6.0 - MANAGING SERVERS
- Netscape NETSCAPE DIRECTORY SERVER 6.02
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - GATEWAY CUSTOMIZATION
- Netscape NETSCAPE ENTERPRISE SERVER 6.0 - NSAPI PROGRAMMER GUIDE
- Netscape NETSCAPE ENTERPRISE SERVER 6.1 - NSAPI PROGRAMMER GUIDE
- Netscape NETSCAPE ENTREPRISE SERVER 6.1 - 04-2002 ADMINISTRATOR
- Netscape NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - ADMINISTRATOR