Setting Up Cep Enrollment Manually - Netscape MANAGEMENT SYSTEM 6.01 Installation And Setup Manual
Hide thumbs
Also See for NETSCAPE MANAGEMENT SYSTEM 6.01:
- Configuration manual (282 pages) ,
- Reference (162 pages) ,
- Installation manual (106 pages)
Table of Contents
Advertisement
Setting up CEP Enrollment Manually
Note that Certificate Management System by default supports issuance of
certificates to routers and VPN clients using the CEP-based enrollment. However,
publishing of these certificates to an LDAP-compliant directory is not turned on by
default because routers and VPN clients need to have access to an LDAP directory
in order to fully support various functions, such as certificate and CRL retrieval.
This section explains how to set up a Certificate Manager to issue certificates to
routers and CEP-compliant Virtual Private Network (VPN) clients. The section also
describes how to configure the Certificate Manager to publish these certificates and
certificate revocation lists (CRLs) to an LDAP-compliant directory.
You may configure the Certificate Manager to publish to any LDAP-compliant
directory, but if you do not have one available, you can use the one supplied with
Certificate Management System. Certificate Management System comes with
Netscape Directory Server, which is an LDAP-compliant directory. When you
install Certificate Management System, two instances of Netscape Directory Server
are automatically created in the same server group in which Certificate
Management System is installed—one of the Directory Server instances is
identified as the configuration directory and the other internal database. For
publishing certificates and CRLs you may use the configuration directory, but not
the internal database. The internal database is configured for exclusive use by
Certificate Management System; see Chapter 12, "Setting Up Internal Database."
Setting up CEP Enrollment Manually
The information covered in this section explains how to set up CEP enrollment
manually. Note that the instructions are written with these assumptions:
•
That you will publish certificates and CRLs to the configuration directory. For
more information about the configuration directory, see Managing Servers with
Netscape Console. To locate this document, open the
<server_root>/manual/index.html
•
That you will publish certificates and CRLs to the same tree in the
configuration directory; you may customize this if you desire. We recommend
that you publish to a tree named after the
certificate. Router certificates will also need to have an
name; this can be done automatically. This section refers to the name of this
tree as
If you want to publish to any other LDAP-compliant directory, read Chapter 19,
"Setting Up LDAP Publishing."
To set up CEP enrollment manually, follow these steps:
790
Netscape Certificate Management System Installation and Setup Guide • May 2002
.
Base DN
file.
attribute in your CA signing
O
inserted in the subject
O
Advertisement
Table of Contents
Need help?
Do you have a question about the NETSCAPE MANAGEMENT SYSTEM 6.01 and is the answer not in the manual?