Netscape MANAGEMENT SYSTEM 6.01 Installation And Setup Manual page 588

Publishing of Certificates to a Directory
The publishing directory is updated at these times:
• When the Certificate Manager starts up, it publishes its CA signing certificate to the directory.
• When the Certificate Manager issues a new certificate (the request may originate from Registration Managers that are connected to the Certificate Manager), it stores a copy of the certificate in its internal database and then publishes the certificate to the configured directory.
• When the Certificate Manager revokes a certificate (the request may originate from Registration Managers that are connected to the Certificate Manager), it marks the copy of the certificate in its internal database as revoked and then unpublishes or removes the revoked certificate from the configured directory.
• When a certificate expires, the Certificate Manager can remove that certificate from the configured directory. Note that the server doesn't do this automatically. You need to configure the server to run the appropriate job. For details, see "Configuring a Subsystem to Run Automated Jobs" on page 545.
• When the certificate revocation list is created or updated (either through the CMS window or through the certificate-revocation feature provided in the agent or end-entity interface), the Certificate Manager publishes that list to the configured directory.
Table 19-1 summarizes the above-listed actions of the Certificate Manager. The
table also indicates how the Certificate Manager populates an LDAP directory, if
configured for publishing. Note that certificates (and CRLs) are published as
DER-encoded binary blobs.
Table 19-1 Details of objects published by the Certificate Manager
Object | Action and Timing | LDAP entry | LDAP attribute
End-entity certificate | Publishing occurs when a certificate is issued or renewed | End-entity's entry | userCertificate;binary
End-entity certificate | Unpublishing (removal) occurs when a certificate is revoked or expired | End-entity's entry | userCertificate;binary
CA certificate | Publishing occurs when the Certificate Manager is started | CA's entry | caCertificate;binary
CRL (full) | Publishing (replacement) occurs when a new CRL is generated | CA's entry | certificateRevocationList;binary

588
Netscape Certificate Management System Installation and Setup Guide • May 2002
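
The publishing rules in Table 19-1 can be checked against a directory snapshot. The Python below is an added example, not code from the manual or from CMS: it reports certificates whose directory state disagrees with the CA's internal records. The function name audit_publishing, the record layout, the DNs and the serial numbers are assumptions, and serial numbers are assumed to have already been decoded from the DER values in userCertificate;binary.

```python
from datetime import datetime, timezone

def audit_publishing(ca_db, directory, now, expiry_job_enabled=True):
    """Reconcile CA records with a directory snapshot per Table 19-1.

    ca_db:     {serial: {"dn", "status" ("valid"/"revoked"), "not_after"}}
    directory: {dn: set of serials decoded from userCertificate;binary}
    Returns a sorted list of (serial, dn, finding) tuples.
    """
    findings = []
    for serial, rec in ca_db.items():
        published = serial in directory.get(rec["dn"], set())
        if rec["status"] == "revoked":
            # Revocation must unpublish the certificate.
            if published:
                findings.append((serial, rec["dn"], "revoked, still published"))
        elif rec["not_after"] <= now:
            # Expired certificates are removed only if the job is configured.
            if published and expiry_job_enabled:
                findings.append((serial, rec["dn"], "expired, still published"))
        elif not published:
            findings.append((serial, rec["dn"], "valid, not published"))
    # Certificates in the directory that the CA never recorded.
    for dn, serials in directory.items():
        for serial in serials - set(ca_db):
            findings.append((serial, dn, "published, unknown to CA"))
    return sorted(findings)

# Constructed sample data (hypothetical DNs and serial numbers).
UTC = timezone.utc
NOW = datetime(2002, 5, 1, tzinfo=UTC)
LATER, EARLIER = datetime(2003, 1, 1, tzinfo=UTC), datetime(2002, 1, 1, tzinfo=UTC)
CA_DB = {
    16: {"dn": "uid=alice,o=example", "status": "valid", "not_after": LATER},
    17: {"dn": "uid=bob,o=example", "status": "revoked", "not_after": LATER},
    18: {"dn": "uid=carol,o=example", "status": "valid", "not_after": EARLIER},
    19: {"dn": "uid=dave,o=example", "status": "valid", "not_after": LATER},
}
DIRECTORY = {
    "uid=alice,o=example": {16},
    "uid=bob,o=example": {17},    # revoked but never unpublished
    "uid=carol,o=example": {18},  # expired, removal job not run
    "uid=eve,o=example": {99},    # not issued by this CA database
}

if __name__ == "__main__":
    for serial, dn, finding in audit_publishing(CA_DB, DIRECTORY, NOW):
        print(f"serial {serial:#x}  {dn}: {finding}")
```

Pass expiry_job_enabled=False when the expired-certificate removal job has not been configured, so that expired entries left in the directory are not reported as drift.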
