Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual page 163


The form can collect information about the end entity from an LDAP directory
when the form is submitted. You can set up policies using predicates that
request this information from the LDAP directory when the user authenticates
using an LDAP user ID and password. For certificate profile-based enrollment,
you set up defaults that are used to collect this information.

The policies or certificate profile associated with the form determine aspects of
the certificate that is issued. The request is evaluated against the policies or
certificate profile associated with the form to determine whether it meets the
constraints set, whether the required information is provided, and what the
resulting certificate will contain.

The form can also request the private encryption key from the user. If the Data
Recovery Manager subsystem is set up with this RA, the end entity's key is
requested, and an archival request is sent to the Data Recovery Manager. This
process generally takes place in the background and requires no interaction from
the end entity.

The certificate request is either rejected at some point in the process (by an
agent, or because it did not meet the policy, certificate profile, or
authentication requirements), or it is signed and sent to the Certificate
Manager for issuance of the certificate.

The Certificate Manager evaluates the request against its own policies or
certificate profiles. If the request does not violate its policies or profiles,
the certificate is issued. If it does violate those policies or certificate
profiles, the request is sent back to the queue in the Registration Manager's
agent services interface.

The certificate is delivered to the end entity.

- In automated (for example, directory-based) enrollment, the certificate is
  always delivered to the user immediately. Enrollment normally takes place
  through an HTML page in the browser, so the certificate is usually returned
  as the response (an HTML page) to an HTTP submit (POST).
- In agent-approved enrollment, the certificate can be retrieved by serial
  number or request ID in the end-entity page.
- If the notification feature is set up, a link to where the certificate can be
  obtained is sent to the end user.

You can send an automated certificate-issuance notification to the end entity
when the certificate is issued. You can also send an automated
certificate-rejected notification if the request was rejected. See Chapter 12,
"Automated Notifications."

Chapter 4, Registration Manager: How a Registration Manager Works (page 163)


This manual is also suitable for:

Certificate management system 6.1
