About Publishers; About Mappers; About Rules - Netscape MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR Administrator's Manual

About Publishing

About Publishers

Publishers specify the location in which certificates and CRLs are published. In the
case of publishing to a file, publishers specify the publishing directory. In the case
of LDAP publishing, publishers specify the attribute in the directory that will store
the certificate or CRL; a mapper is used to determine the DN of the entry—the
location of the LDAP directory is specified when you enable LDAP publishing. In
the case of an OCSP responder, publishers specify the host name and URI of the
Online Certificate Status Manager's secure EE service.
With file publishing, you set up a publisher for every location you will publish to.
With LDAP publishing, you set up a publisher for every DN that needs a different
formula for deriving that DN. When you create a rule that determines whether a
given certificate or CRL will be published, you associate a publisher with each rule
providing the location for the rule. With OCSP publishing, you set up a publisher
for every location that you will publish to.

About Mappers

Mappers are only used in LDAP publishing. Mappers allow you to construct the
DN for an entry based on information from the certificate or the certificate request.
The server needs to figure out the DN of the entry in which to publish certificates
and CRLs. It has information from the subject name of the certificate, and from the
certificate request for the certificate and needs to know how to use this information
to create a DN for that entry. The mapper provides a formula for converting the
information available to either a DN, or some unique information that can be
searched in the directory to obtain a DN for the entry.

About Rules

You set up Rules for file, LDAP, and OCSP publishing which tell the server
whether or not a certificate or CRL matches that rule, and if so, how it is to be
published. A rule first defines what is to be published: a certificate or CRL with
certain characteristics. A rule then specifies the publishing method and location.
You define which certificates or CRLs get published by defining a type and
predicate for the rule. You specify how and where to publish by associating the
rule with a publisher, and, in the case of LDAP publishing, with a mapper.
You can create a simple or complex set of publishing rules depending on your
needs, the flexibility is built in to allow you to do this.
Chapter 15 Publishing 617