Table of Contents
Advertisement
Configuring a Registration Manager
If you use an agent-approved enrollment process, you can use the agent services
interface forms that are provided, or you can customize those forms to change the
look and feel, or to change some of the default functionality provided in the forms.
See the Netscape Certificate Management System Customization Guide for details.
Automated Enrollment
You set up automated enrollment by configuring instances of the authentication
plug-ins. The plug-ins allow you to set up the kind of authentication you will use
for enrollment. All of the authentication plug-ins also enable an automated
enrollment when they are enabled. You can enable one of the authentication
plug-ins, and configure it to be able to authenticate.
Once you have set up an authentication instance, end entities use a form associated
with this method when enrolling. You must provide the necessary fields to collect
the information required for the method of authentication in the form, otherwise
you can customize the form as you like.
The authentication methods that you can configure are:
•
Directory Based Enrollment. End-entities are authenticated against an LDAP
directory using their user ID or DN and password. See "Setting Up Directory
Based Enrollment," on page 389.
•
NIS Based Enrollment. End-entities are authenticated against an NIS server.
See "Setting Up NIS Based Enrollment," on page 391.
•
Pin Based Enrollment. End-entities are authenticated against and LDAP
directory using their user ID, password and a pin given to them. See "Setting
Up Pin Based Enrollment," on page 395.
•
Portal Enrollment. End users are registered into an LDAP directory and issued
a certificate. If user already has an entry in the directory, they are authenticated
against the directory and then issued a certificate. See "Setting Up Portal
Enrollment," on page 400.
•
CMC Auth. This plug-in allows you to send agent signed requests and have
those requests processed. See "Setting Up CMC Enrollment," on page 404.
Configuring Policies
The Policy feature is a set of plug-ins that you create instances of and then
configure. These instances define certificate content and the values for that content
and constraints for the content that can either be associated with all certificates, or
with a subset of certificates defined using predicates. When a non-certificate profile
158
Netscape Certificate Management System Administrator's Guide • February 2003
Advertisement
Table of Contents
