Table of Contents
Advertisement
Configuring the Certificate Manager
Getting a CRL Signing Key Pair and Certificate
A Certificate Manager uses the key pair corresponding to the CA signing certificate
for signing certificates and certificate revocation lists (CRLs).
If you want a Certificate Manager to use a separate key pair for signing the CRLs it
generates, you can do so after installation. Note that a Certificate Manager's CRL
signing certificate must be signed or issued by itself; make sure you submit the
request to the Certificate Manager itself.
To enable a Certificate Manager to sign CRLs with a separate key pair:
Request and install a CRL signing certificate for the Certificate Manager. To do
1.
this, you may use either of these options:
To request and install a CRL signing certificate for a Certificate Manager using
its Certificate Setup Wizard, follow these instructions:
a.
b.
c.
d.
e.
112
Netscape Certificate Management System Administrator's Guide • February 2003
Use the Certificate Setup Wizard available within the CMS window.
Use the Certificate Database tool (
a certificate for the key pair, and install the certificate in the Certificate
Manager's certificate database. For more information about the Certificate
Database tool, see:
http://www.mozilla.org/projects/security/pki/nss/tools/
Log in to the CMS console (see "Logging Into the CMS Console" on
page 247).
Select the Configuration tab, and then select the Encryption tab.
Click Certificate Setup Wizard to launch the wizard.
Select the option to request a certificate and then follow the on-screen
prompts to generate a certificate request for the CRL signing certificate—in
the Certificate Selection window, select
as the certificate type in the associated text field.
Once you have the certificate request ready, submit it to the Certificate
Manager so that it can issue a certificate—in the request submission screen
of the wizard, use the auto-submission feature by entering the Certificate
Manager's hostname and port number so that the request gets added to the
Certificate Manager's agent queue.
) to generate a key pair, request
certutil
and specify
Other
caCrlSigning
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN