Table of Contents
Advertisement
Installing a Standalone Data Recovery Manager
The transport certificate was issued by the CA to which you submitted the
certificate signing request. You might have submitted the request to the Certificate
Manager that is installed in the same instance, internally deployed another CA, or a
public CA. To find out the issuer name, follow the instructions in "Viewing and
Deleting Certificate Database Content" on page 293.
Storage Key Pair
Every Data Recovery Manager you have installed has a Data Recovery Manager
storage key pair. The first time you generated this key pair is when you installed the
Data Recovery Manager.
The Data Recovery Manager uses the public component of this key pair to encrypt
(or wrap) end-entity's encryption private keys during the key archival operation; it
uses the private component to decrypt (or unwrap) the archived key during the
recovery operation. That is, the public key is used to encrypt the key repository the
server uses to store end-entity's encryption private keys. For more information on
how this key pair is used, see Chapter 6, "Data Recovery Manager."
Note that the public component of the storage key pair is not certified; there is no
certificate that corresponds to the public key.
Keys encrypted with the storage key can be retrieved only by authorized key
recovery agents. For details, see "Key Recovery Agents and Their Passwords" on
page 203.
SSL Server Key Pair and Certificate
Every Data Recovery Manager you have installed has at least one SSL server
certificate. The first time you generated this certificate is when you installed the
Data Recovery Manager. The default nickname for the certificate is
Server-Cert cert-<instance_id>
instance in which the Data Recovery Manager is installed.
The Data Recovery Manager's SSL server certificate was issued by the CA to which
you submitted the certificate signing request. You might have submitted the
request to the Certificate Manager that is installed in the same instance, an
internally deployed CA, or a public CA. To find out the issuer name, follow the
instructions in "Viewing and Deleting Certificate Database Content" on page 293.
The Data Recovery Manager uses its SSL server certificate to do SSL server-side
authentication to the following:
•
The end entity services interface (the HTTPS port)
•
The Data Recovery Manager Agent Services interface
214
Netscape Certificate Management System Administrator's Guide • June 2003
, where
<instance_id>
identifies the CMS
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN