Table of Contents
Advertisement
The Internal Key Storage token ("Certificate DB token" in Figure 1-5 on
page 58) handles all communication with the certificate and key database
files (called certX.db and keyX.db, respectively, where X is a version
number) that store certificates and keys.
•
FIPS 140-1 module. This module complies with the FIPS 140-1 government
standard for implementations of cryptographic modules. Many products sold
to the US government must comply with one or more of the FIPS standards.
The FIPS 140-1 module includes a single, built-in FIPS 140-1 Certificate DB
token (as shown in Figure 1-5 on page 58), which handles both cryptographic
operations and communication with the certX.db and keyX.db files.
Any PKCS #11 module can be used with CMS. The server uses a file called
secmod.db to keep track of the modules that are available. You can modify this file
using the
tool, which is explained in the following documentation:
modutil
http://www.mozilla.org/projects/security/pki/nss/tools/
For example, you need to modify secmod.db if you are installing hardware
accelerators for use in signing operations.
Management Tools
Command line tools are provided by CMS for occasional management of the CMS
system:
•
backup/restore tool
•
password cache tool
•
audit log signature verification tool
•
enrollment pin generation tool
•
mass revocation tool
•
(signed) CMS request tool
•
bulk certificate issuance tool
JRE
JRE (Java Runtime Environment) provides the Java Virtual Machine (JVM) and
supporting class libraries needed to run CMS.
System Architecture
Chapter 1
Overview
63
Advertisement
Table of Contents
Need help?
Do you have a question about the NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR and is the answer not in the manual?