Table of Contents
Advertisement
Understanding CMS Installation
SSL Client Authentication with the Internal
Database
In the Common Criteria Environment, the internal LDAP database used by the
subsystem must be set up for SSL client authentication. You will be instructed on
how to set this up when you follow instructions in the document CMS Common
Criteria Setup Procedure.
CMS Administrative Console
In the Common Criteria Environment, you will not be able to start a CMS instance
using Netscape Console and the CMS console. You must start the server on the
command line because when you set up the Common Criteria environment, you
disable the password plain-text file used for remote start-up. When you log in on
the command line, you will be prompted for all the passwords you need to
provide.
For complete information on the CMS console, see "The Administrative Interface"
on page 242. For instructions on how to set up SSL client authorization for the CMS
console, see Appendix I, "Introduction to SSL."
Backup and Restore of a CMS Subsystem
CMS provides a command-line tool to backup a CMS subsystem instance. It also
provides another command-line tool to restore a CMS subsystem instance to the
state of the system when it was last backed up. In the CMS Common Criteria Setup
Procedure, you will not be instructed on how to operate these command-line
utilities, however, you should know when it's necessary to backup or restore a
CMS subsystem running in Common Criteria evaluated environment, you should
following the instructions for these utilities in the Backing Up and Restoring Data
chapter of the CMS Tools Guide and the instructions on how to sign and verify the
data.
Note: All secure information that needs encryption (component secret keys,
component private keys, and passwords) is cryptographically encrypted with FIPS
140-1 Level 3 certified hardware token. Disclosure is therefore not a concern of the
backup utilities.
724
Netscape Certificate Management System Administrator's Guide • June 2003
Advertisement
Table of Contents
