Table of Contents
Advertisement
Cloning a CA
Start the Master CA. See "Starting, Stopping, and Restarting CMS Instances"
3.
on page 254.
Create instances for each clone CA you create. You need to create a CMS
4.
instance for each clone CA on the host where the CA will run. If CMS is already
installed, you can simply create another instance. If CMS is not installed on the
host, you need to install CMS and then install the CA. See Chapter 2,
"Installation" for complete instructions on installing CMS. See "Installing a
Certificate Manager," on page 91 for installing a Certificate Manager
subsystem.
Depending on how many CMS instances you've created for clone Certificate
Managers, you should repeat the instructions in this step to configure each
clone Certificate Manager.
When you configure the clone Certificate Manager follow the on-screen
instructions to finish configuring the clone CA. During configuration, be sure
to follow these:
Establish Trust Between Master CA and Clone CAs
5.
For the master Certificate Manager to trust the clone Certificate Manager, you
associate the clone Certificate Manager as a trusted manager to the master
Certificate Manager. For details about trusted managers, see "Trusted
Managers" on page 329. You do this by created a user in the Master CA for the
132
Netscape Certificate Management System Administrator's Guide • February 2003
Clone key and certificate materials—On this screen, click Yes to reuse the
certificate and key material in the database files you copied from the
master Certificate Manager. In the Instance Name field enter the instance
ID of the master Certificate Manager. Select the token name where the keys
and certificate are stored and enter the token's password, if required.
Clone key and certificate materials—On this screen, you choose whether
to reuse the master Certificate Manager's SSL server certificate or create a
new one. If you created the clone Certificate Manager on the same host as
the master Certificate Manager, you can reuse the SSL server certificate. To
reuse the SSL server certificate, select Yes, enter the instance ID of the
master Certificate Manager, select a token, and enter the token password.
If you do not or cannot reuse the SSL server certificate, select No and
follow the screens that enable you to generate a new SSL server certificate.
CA's serial number range—On this screen, specify the lowest serial
number the CA should assign to certificates it creates in the "Starting serial
number" field. In the "Ending serial number" field, specify the highest
serial number available for this CA. For both the fields, you can enter the
number in decimal or hexadecimal (0xnn).
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN