Table of Contents
Advertisement
Configuring the Online Certificate Status Manager
194
Netscape Certificate Management System Administrator's Guide • June 2003
includeNextUpdate. The Online Certificate Status Manager can include
the time stamp of next CRL update—a future update time for the CRL or
the revocation information—in the OCSP response that it sends to
OCSP-compliant clients. (According to the OCSP protocol, it is optional to
include the time stamp of next CRL update in an OCSP response.) Select
this option if you want the OCSP response to contain information about
the next CRL update. Leave the option deselected if you don't want the
OCSP response to contain this information.
If you selected
ldapStore
numConns. Type the total number of LDAP directories the Online
Certificate Status Manager should check. By default, this is set to 0. If you
change the value to a positive integer, for example 1, 2, or 3, you will see
that many sets of
host
the value, click OK, and reopen the window to see the updated fields.)
host<n>. Type the fully-qualified DNS hostname of the LDAP directory.
The name must be in the
form. For example,
corpDir1.example.com
port<n>. Type the nonSSL port of the LDAP directory. For example, 389.
baseDN<n>. Type the DN to start searching for the CRL. For example,
.
O=example.com
refreshInSec<n>. Type how often the connection is refreshed. The default
is 86400 seconds (that is, refresh every day).
caCertAttr. Leave the default value,
the attribute to which the Certificate Manager publishes its CA signing
certificate.)
crlAttr. Leave the default value,
it is. (It's the attribute to which the Certificate Manager publishes CRLs.)
notFoundAsGood. A certificate's status can typically be indicated by three
possible OCSP responses, namely GOOD, REVOKED, and UNKNOWN.
Select this option if you want the Online Certificate Status Manager to
return an OCSP response of GOOD if the certificate in question cannot be
found in any of the CRLs. If you deselect the option, the response will be
UNKNOWN, which when encountered by Netscape Personal Security
Manager (an OCSP-compliant client) results in an error message.
, fill in values as below:
,
,
, and
port
baseDN
refreshInSec
<machine_name>.<your_domain>.<domain>
cACertificate;binary
certificateRevocationList;binary
fields. (Change
.
, as it is. (It's
, as
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN