Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual page 287

For example, the URL to a Certificate Manager agent interface would look like this:
https://demoCA.example.com:5600/ca
If you change the agent port number, be sure to inform your agent users.
End-Entity Ports
For requests from end entities, CMS can listen on two ports: an SSL (encrypted) port
and a non-SSL port. End entities make these requests from the end-entity services
interface.
CMS provides the following services through the HTTP and HTTPS ports:
The HTTP port can be used to service end-entity-initiated PKI requests, such as
enrollment, renewal, and revocation; enrollment requests can include requests
from Cisco routers (using the CEP protocol); general certificate retrieval
requests, such as retrieving a single certificate identified by a serial number,
listing certificates based on certain criteria (for example, an LDAP search filter
defined over standard attributes), and getting a CA's certificate chain. You can
disable this port if it will not be used.
The HTTPS port can be used to service end-entity-initiated PKI requests, such
as enrollment, renewal, and revocation; enrollment requests can include
requests from Cisco routers (using the CEP protocol); general certificate
retrieval requests, such as retrieving a single certificate identified by a serial
number, listing certificates based on certain criteria (for example, an LDAP
search filter defined over standard attributes), and getting a CA's certificate
chain. The HTTPS port uses SSL authentication, which provides secure transfer of
data to this port.
Similar to the HTTP port, you can enable or disable the HTTPS port. For
example, if you don't want end-entity interaction with a Certificate Manager,
you can disable the HTTPS port. For details, see "Changing a Port Number" on
page 288.
If this CMS instance is for a Certificate Manager and if the Certificate Manager is
configured to service OCSP requests from OCSP-compliant clients, then this port
must be enabled so that OCSP-compliant clients can successfully query the
Certificate Manager for the revocation status of a certificate. For details, see
"Setting Up a Certificate Manager with OCSP Service" on page 171.
Similarly, for issuing certificates to routers (using the CEP protocol), the port must
be enabled. For details, see "CEP Enrollment," on page 414.
Chapter 7
Administrative Basics
Ports
287
