Table of Contents
Advertisement
Online Certificate Status Manager Deployment Considerations
You submit this request either to a CMS CA, or you submit the request to a third
party public CA and then install the certificate you receive from the CA during the
rest of the installation. If you submit the request to a CMS CA, the installation
program will allow you submit the request to the CA in the install wizard, and pick
up the certificate once it is approved.
OCSP Signing Key Pair and Certificate
Every Online Certificate Status Manager you have installed has a certificate,
identified as the Online Certificate Status Manager signing certificate, whose public
key corresponds to the private key the Online Certificate Status Manager uses to
sign OCSP responses before sending them to OCSP-compliant clients. The Online
Certificate Status Manager's signature provides persistent proof to an
OCSP-compliant client that the Online Certificate Status Manager has processed
the request. The first time you generated this certificate is when you installed the
Online Certificate Status Manager. The default nickname for the certificate is
, where
identifies the
ocspSigningCert cert-<instance_id>
<instance_id>
CMS instance in which the Online Certificate Status Manager is installed.
The Online Certificate Status Manager's signing certificate was issued by the CA to
which you submitted the certificate signing request.
SSL Server Key Pair and Certificate
Every Online Certificate Status Manager you have installed has at least one SSL
server certificate. The first time you generated this certificate is when you installed
the Online Certificate Status Manager. The default nickname for the certificate is
, where
identifies the CMS
Server-Cert cert-<instance_id>
<instance_id>
instance in which the Online Certificate Status Manager is installed.
The Online Certificate Status Manager's SSL server certificate was issued by the CA
to which you submitted the certificate signing request. You might have submitted
the request to an internally deployed CA or a public CA.
The Online Certificate Status Manager uses its SSL server certificate to do SSL
server-side authentication for the Online Certificate Status Manager Agent Services
interface.
By default, the Online Certificate Status Manager uses a single SSL server
certificate for authentication purposes. However, you can request and install
additional SSL server certificates for the Online Certificate Status Manager. For
example, you can configure the Online Certificate Status Manager to use separate
server certificates for the Netscape Console and the Online Certificate Status
Manager Agent Services interfaces. For instructions, see "Configuring the Server's
Security Preferences" on page 318.
Chapter 5
OCSP Responder
171
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN