Registration Manager's Key Pairs And Certificates; Signing Key Pair And Certificate - Netscape MANAGEMENT SYSTEM 6.01 Installation And Setup Manual
Hide thumbs
Also See for NETSCAPE MANAGEMENT SYSTEM 6.01:
- Configuration manual (282 pages) ,
- Reference (162 pages) ,
- Installation manual (106 pages)
Table of Contents
Advertisement
Keys and Certificates for the Main Subsystems
If you configure the Certificate Manager for SSL-enabled communication with a
publishing directory, the Certificate Manager also uses its SSL server certificate for
SSL client authentication to the publishing directory. This is the default
configuration. You can configure the Certificate Manager to use an alternate
certificate for this purpose; see "Getting an SSL Client Certificate for a Subsystem"
on page 461.
If you configure the Certificate Manager to function as a trusted manager to a Data
Recovery Manager, the Certificate Manager also uses its SSL server certificate for
SSL client authentication to the Data Recovery Manager. For details on trusted
managers, see "Trusted Managers" on page 380. You can also configure the
Certificate Manager to use an alternate certificate for this purpose; see "Getting an
SSL Client Certificate for a Subsystem" on page 461.
Registration Manager's Key Pairs and
Certificates
The Registration Manager uses the following certificates:
•
Signing Key Pair and Certificate
•
SSL Server Key Pair and Certificate
Signing Key Pair and Certificate
Every Registration Manager you have installed has a certificate, identified as the
Registration Manager signing certificate, whose public key corresponds to the private
key the Registration Manager uses to sign certificate requests before sending them
to the Certificate Manager for signing. The Registration Manager's signature
provides persistent proof to the Certificate Manager that the Registration Manager
has processed the request. The first time you generated this certificate is when you
installed the Registration Manager. The default nickname for the certificate is
raSigningCert cert-<instance_id>
instance in which the Registration Manager is installed.
The Registration Manager's signing certificate was issued by the CA to which you
submitted the certificate signing request. You might have submitted the request to
an internally deployed CA or a public CA. To find out the issuer name, follow the
instructions in "Viewing the Certificate Database Content" on page 482.
If you configure the Registration Manager to function as a trusted manager to
another subsystem, the Registration Manager uses its signing certificate for SSL
client authentication to the subsystem; this is the default configuration. For details,
see "Trusted Manager's Certificate for SSL Client Authentication" on page 383.
426
Netscape Certificate Management System Installation and Setup Guide • May 2002
, where
<instance_id>
identifies the CMS
Advertisement
Table of Contents
