Renewal Of Server Certificates; Getting Certificates For Netscape Version 4.X And Later Servers - Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual

Issuing and Managing Server Certificates
The certificate profile feature offers an automated sever enrollment. Using this
certificate profile, an agent makes the request for the SSL server certificate in the
certificate profile and is authenticated using their agent certificate. If the agent is
authenticated, the SSL server certificate request is automatically processed, and the
issued certificate is returned to the agent via an HTML form.

Renewal of Server Certificates

Every certificate issued by CMS has a validity period that determines its expiration
date. The validity period of a certificate is determined by the validity constraints
policy settings at the time the certificate was issued, see "ValidityConstraints," on
page 508. To be valid beyond its expiration date, it must be renewed. Otherwise,
the certificate becomes invalid, and the entity owning the certificate will no longer
be able to use it. Also, the expired certificate will take up space in your publishing
directory and in the internal database of CMS.
CMS allows server administrators to renew their certificates by using the server
enrollment form hosted by a Certificate Manager or Registration Manager. The
renewal process is similar to the enrollment process in that the administrators must
manually generate the certificate-signing request using the server's key pair, paste
that request in the agent-approved enrollment form, and submit the request.
Getting Certificates for Netscape Version 4.x and
Later Servers
For Netscape version 4.x servers, you can use the Certificate Setup Wizard
provided by Netscape Console to get new certificates, renew existing certificates,
and install certificates in the database of a server. For information about this
wizard, see Managing Servers with Netscape Console.
Note that there are two ways in which you can submit the certificate signing
request to CMS:
• Submit the request (which is in the form of a base-64 encoded blob) directly
from the wizard; in this method, you need not copy the request to a text file.
• Submit the request manually by pasting the request (which is in the form of a
base-64 encoded blob) into the Certificate Manager's server enrollment form; in
this method, you need to copy the request when the wizard displays it.
412 Netscape Certificate Management System Administrator's Guide • February 2003