Table of Contents
Advertisement
How Certificate Management System Works
Authentication Methods
CMS provides authentication plug-ins that allow you to set up automated
enrollment and configure the particular method(s) you set up; it provides
agent-approved enrollment, where an agent must approve the request by default.
Each end-entity form is associated with a particular authentication method, either
one of the automated methods or the agent-approved method. The Certificate
Manager processes the request according to the method associated with the form.
See Chapter 9, "Authentication" for complete details.
Request Processing
When the Certificate Manger processes requests from its own end-entity interface,
it first considers the authentication method. If it is an agent-approved
authentication method, the request is queued in the agent services interface where
it awaits agent approval. The agent can change some aspects of the certificate that
will be issued, and can approve, deny, or change the status of the request. If it is an
automated enrollment, it authenticates the user, and then continues processing the
request.
The Certificate Manger next evaluates the request to ensure that it meets either the
policies set for this type of certificate, or the certificate profile set for this type of
enrollment.
Policies are a set of plug-ins that allow you to set constraints on the certificate and
define the content and the value of that content in the certificate. You can configure
the default policies and associate them with a particular authentication method.
You can also create custom policy modules. See Chapter 11, "Policies" for complete
details.
Certificate Profiles is a new feature that binds an authentication method and
certificate type to a set of constraints and certificate content definitions (defaults). It
allows you to configure a single module for a type of certificate that binds to an
authentication method and sets constraints for the certificate issued as well as
defines the content and values for that content in the certificate. You can configure
the default certificate profiles or create custom modules. See Chapter 10,
"Certificate Profiles" for complete details.
If the policies from either the Policy or the Certificate Profiles framework are not
met, the request is rejected, if they are met, the certificate is issued.
Chapter 1
Overview
43
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN