Table of Contents
Advertisement
Managing Authentication Plug-ins
Upon receipt of a notification about the certificate issuance, install the
certificate in your browser.
Verify that the certificate is installed in the browser's certificate database; for
6.
example, in Communicator you can open the Security Info window and verify
that the certificate is listed in there.
If you've set up the directory- and PIN-based authentication with PIN
7.
removal, reenroll for another certificate using the same PIN. Your request
should get rejected.
If you've set up the portal enrollment, verify that an entry for the user is
8.
created in the directory. For example, you can point your browser to the portal
directory and find out if an entry for the user for whom you requested the
certificate exists.
In the URL field, type
ldap://<hostname>:<port>/<base_dn>??sub?(uid=<user_id>)
substituting
Server,
listening to authentication requests from the Certificate Manager
with the DN to start searching for the user's entry, and
of the user for whom you requested the certificate.
For example, if the directory host name is
base DN is
this:
ldap://corpDirectory:389/O=example.com??sub?(uid=jdoe)
In the resulting page, look for the user's credentials and verify that they match
what you specified in the enrollment form. If you've configured CMS to
publish certificates to the same directory (Chapter 15, "Publishing"), you will
be able to see the certificate-related information; it typically includes
information such as the owner of the certificate, the CA that has issued the
certificate, the serial number, the validity period, and the certificate fingerprint.
Managing Authentication Plug-ins
You can register custom authentication plug-in modules from the CMS window.
You can delete an authentication plug-in module that you no longer need by using
the CMS window. Before deleting a module, be sure to delete all the instances that
are based on this module.
To register or delete a module:
424
Netscape Certificate Management System Administrator's Guide • June 2003
with the fully qualified host name of the Directory
<hostname>
with the port number at which the Directory Server is
<port_number>
, and user's ID is
O=example.com
<user_id>
, port number is
corpDirectory
, the URL would look like
jdoe
,
<base_dn>
with the ID
,
389
Advertisement
Table of Contents
