Netscape MANAGEMENT SYSTEM 6.01 Installation And Setup Manual page 82

Hide thumbs Also See for NETSCAPE MANAGEMENT SYSTEM 6.01:
Table of Contents

Advertisement

Steps in End-Entity Enrollment
Authenticate user. Authentication can be either automatic or manual. If the
2.
CMS manager is configured for automatic authentication, the servlet uses the
authentication module specified by the form to validate the information
provided by the user. For example, the directory authentication module that
comes with Certificate Management System validates the user ID and
password by comparing it to the user's entry in an LDAP directory. Custom
authentication modules can be used to take advantage of existing databases,
security systems, or other methods of authentication. If the CMS manager is
configured for manual authentication, the servlet routes the request to the
request queue and informs the user (via a web page) that approval has been
deferred. The request remains in the queue until an agent approves it or rejects
it.
Process policies. If authentication is successful, policies specified for this CMS
3.
manager are applied to the request for the purpose of formulating the contents
of the certificate to be issued and to enforce certain rules, such as name
constraints. Custom policy modules can be used to enforce specialized
certificate extensions and other requirements.
Service request. After policy processing, the servlet's work is finished and the
4.
CMS manager services the request (assuming that a policy has not triggered
deferral)—for example, by issuing a certificate.
Notify user. If the CMS manager has been configured for automatic
5.
authentication and issuance, the manager delivers the signed certificate to the
user via a web page. If the request has been deferred (for example, for manual
approval) or rejected, the user is informed of the request's status. When the
request has been approved and the certificate issued, the CMS manager
notifies the user (for example, with an email) and provides a URL where the
certificate can be picked up.
Since all three CMS managers use the same architecture for authentication and
policy processing, it's possible to reuse any authentication and policy modules
with any manager. For information on the relationship of policy modules to the
APIs exposed by Certificate Management System, see "System Architecture" on
page 74.
82
Netscape Certificate Management System Installation and Setup Guide • May 2002

Advertisement

Table of Contents
loading

This manual is also suitable for:

Certificate management system 6.01

Table of Contents