Sign In
Upload
Manuals
Brands
Netscape Manuals
Software
NETSCAPE MANAGEMENT SYSTEM 4.5
Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 Manuals
Manuals and User Guides for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5. We have
5
Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 manuals available for free PDF download: Installation And Setup Manual, Manual
Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 Installation And Setup Manual (866 pages)
Brand:
Netscape
| Category:
Software
| Size: 7.73 MB
Table of Contents
Table of Contents
3
About this Guide
23
What's in this Guide
23
What You Should Already Know
26
Conventions Used in this Guide
27
Where to Go for Related Information
28
Part 1 Overview and Demo Installation
31
Chapter 1 Introduction to Certificate Management System
33
Overview of Key Features
34
Flexible End-Entity Registration Services Framework
38
System Overview
41
Public-Key Infrastructure
43
CMS Subsystems or Managers
44
Certificate Manager
45
Registration Manager
47
Data Recovery Manager
48
Online Certificate Status Manager
49
Basic System Configuration
50
Plug-In Modules
55
Authentication Plug-In Modules
55
Policy Plug-In Modules
57
Job Plug-In Modules
61
Mapper and Publisher Plug-In Modules
62
Event-Driven Notifications
64
Auxiliary Components
64
Command-Line Utilities
65
Cms Sdk
65
Entry Points for Various Types of Users
66
Agent Services Interface
68
Certificate Manager Agent Services
68
Registration Manager Agent Services
69
Data Recovery Manager Agent Services
70
Online Certificate Status Manager Agent Services Interface
71
End-Entity Services Interface
72
System Architecture
73
Pkcs #11
74
Nss
76
JSS and the Java/Jni Layer
76
Middleware/Java 2 Layers
76
Authentication and Policy Modules
77
Standards Summary
77
Certificate Management Formats and Protocols
77
Security and Directory Protocols
78
Chapter 2 Certificate Enrollment and Life-Cycle Management
81
Steps in End-Entity Enrollment
81
Some Enrollment Scenarios
84
Firewall Considerations
84
Extranet/E-Commerce: Acme Sales Corp
85
Enrolling Existing Customers
86
Enrolling New Customers
87
Enrolling Extranet Users
89
PIN Registration: Atlas Manufacturing
91
VPN Client Enrollment and Revocation
93
Router Enrollment and Revocation
96
End Entities and Life-Cycle Management
98
Life-Cycle Management Formats and Protocols
98
Access to Subsystems
99
HTML Forms for End Users
101
Netscape Personal Security Manager
102
Chapter 3 Default Demo Installation
105
System Requirements
106
Operating System and Software Required
106
Platform Requirements
106
Overview of the Default Demo
108
Demo Passwords
111
Installing the Default Demo
112
Step 1. Run the Installation Script - UNIX
112
Step 1. Run the Installation Script-Windows NT
114
Step 2. Run the Installation Wizard
122
Enrolling for the First Agent Certificate
135
Step 3. Get the First User Certificate
135
If You Need the First Agent Form Again
137
Using the Default Demo
138
Verify the Installation
138
Viewing Issued Certificates from the Agent Gateway
139
Enrolling for a Certificate from the End-Entity Gateway
140
Finding and Approving a Certificate Request
141
Setting Your Browser to Use the Agent Certificate
142
Testing Your New Certificate
142
Configuring an RSA Key Length Policy
143
Create a Policy
143
Use an LDAP Directory
145
Step 1. Enable Directory-Based Authentication
146
Step 2. Add a User to the Directory
147
Step 3. Enroll with Directory-Based Authentication
149
Publish Certificates to an LDAP Directory
150
Configure the Publishing Destination
151
Set Rules for Publishing Certificates
153
Update the Publishing Directory
154
Send Renewal Reminders
156
Configuring a Mail Server for Certificate Management System
157
Configuring Certificate Management System to Send Renewal Reminders
157
Part 2 Planning and Installation
161
Chapter 4 Planning Your Deployment
163
Topology Decisions
164
Server Groups and CMS Instances
164
Single Certificate Manager
165
Certificate Manager and Registration Manager
166
Certificate Manager and Data Recovery Manager
168
Certificate Manager, Data Recovery Manager, and Registration Manager
170
Cloned Certificate Manager
172
Certificate Authority Decisions
173
Ca's Distinguished Name
173
CA Signing Key Type and Length
174
CA Signing Certificate's Validity Period
174
Self-Signed Root Versus Subordinate CA
174
Cas and Certificate Extensions
175
CA Certificate Renewal or Reissuance
176
Cryptographic Token Decisions
177
Publishing Decisions
177
Publishing to Certificates and Crls to Files
178
Publishing to Certificates and Crls to a Directory
178
Publishing Crls to the Online Certificate Status Manager
179
Subsystem Certificate Decisions
180
SSL Server Certificates
180
Certificate Manager Certificates
180
Registration Manager Certificates
181
Data Recovery Manager Certificate and Storage Key
182
Online Certificate Status Manager Certificates
182
Authentication Decisions
183
Policy Decisions
183
Deployment Strategy and Port Assignments
184
Chapter 5 Installation Worksheet
187
Information for UNIX Installation Script
188
Installation Location
188
Configuration Directory Server
188
User/Group Directory Server
189
Configuration Directory Settings
189
Administration Server Information
190
Certificate Management System Identifier
191
Information for NT Installation Script
191
Installation Directory
191
Configuration Directory Server
191
User/Group Directory Server
192
Configuration Directory Settings
193
Configuration Directory Server Administrator
193
Directory Server Administration Domain
193
Directory Manager Settings
193
Administration Server Port
194
Certificate Management System Identifier
194
Initial Configuration
194
Internal Database
195
Administrator
195
Subsystems
195
Remote Certificate Manager
196
Remote Data Recovery Manager
196
Network Configuration
197
Certificate Manager Configuration
197
CA Signing Certificate
197
Ca's Serial Number Range
197
Key-Pair Information for CA Signing Certificate
198
Subject Name for CA Signing Certificate
198
Extensions for CA Signing Certificate
199
Validity Period for CA Signing Certificate
199
CA Signing Certificate Request
200
Registration Manager Configuration
201
Key-Pair Information for Registration Manager Signing Certificate
201
Registration Manager Signing Certificate Request
201
Registration Manager Signing Certificate Issuer
202
Subject Name for Registration Manager Signing Certificate
202
Data Recovery Manager Configuration
203
Key-Pair Information for Transport Certificate
203
Transport Certificate
203
Subject Name for Transport Certificate
204
Validity Period for Transport Certificate
204
Extensions for Transport Certificate
205
Data Recovery Scheme-1
206
Storage Key and Recovery Agent Configuration
206
Storage Key Creation
206
Transport Certificate Request
206
Data Recovery Scheme-2
207
Online Certificate Status Manager Configuration
207
Online Certificate Status Manager Signing Certificate Request
207
Key-Pair Information for Online Certificate Status Manager Signing Certificate
208
Subject Name for Online Certificate Status Manager Signing Certificate
208
Online Certificate Status Manager Signing Certificate Issuer
209
Cloned Certificate Manager Configuration
209
CA Signing Certificate
210
Ca's Serial Number Range
210
Cloned Key and Certificate Material
210
SSL Server Key and Certificate
211
SSL Server Certificate Configuration
211
Key-Pair Information for SSL Server Certificate
211
SSL Server Certificate
211
Subject Name for SSL Server Certificate
212
Validity Period for SSL Server Certificate
212
Extensions for SSL Server Certificate
213
SSL Certificate Request
214
Single Sign-On Password
214
Chapter 6 Installing Certificate Management System
215
Installation Overview
215
Installation Stages
216
Before You Begin the Installation
217
Stage 1. Running the Installation Script
219
Running the Installation Script on UNIX
219
Running the Installation Script on Windows NT
222
Stage 2. Running the Installation Wizard
225
Installing the Certificate Manager as a Root CA
227
Installing the Certificate Manager as a Subordinate CA
230
Installing a Standalone Registration Manager
242
Installing a Standalone Data Recovery Manager
253
Installing a Online Certificate Status Manager
264
Stage 3. Enrolling for Administrator/Agent Certificate
275
Agent Certificate for a Certificate Manager
275
Agent Certificate for Other CMS Managers
278
Stage 4. Further Configuration Options
281
Stage 5. Creating Additional Instances or CA Clones
282
Chapter 7 Installing and Uninstalling CMS Instances
283
Installing Multiple CMS Instances
284
Cloning a Certificate Manager
286
Step 1. before You Begin
287
Step 2. Create Instances for Clone cas
289
Installing Clone CA in Master Ca's Server Group
289
Installing Clone CA in a Different Server Group
290
Installing Clone CA on a Separate Host
291
Step 3. Shutdown the Master CA
291
Step 4. Copy Master Ca's Certificate and Key Database
292
Step 5. Start the Master CA
292
Step 6. Configure the Clone CA
292
Step 8. Establish Trust between Master CA and Clone cas
293
Step A. Locate the Master Ca's SSL Server Certificate
294
Step B. Create a Privileged-User Entry for Clone cas
296
Step 9. Test Clone-Master Connection
299
Step A. Request a Certificate from the Clone CA
299
Step B. Approve the Request
300
Step C. Download the Certificate to the Browser
300
Step D. Revoke the Certificate
301
Step E. Check Master Ca's CRL for the Revoked Certificate
301
Step 10. Use Master Ca's Agent Certificate in Clone cas
302
Viewing Instance Information
303
Changing the Name of an Instance
305
Removing an Instance from a System
306
Uninstalling Certificate Management System
308
Uninstalling by Using the Windows NT Add/Remove Programs Utility
308
Uninstalling from the Command Line
308
Chapter 8 Starting and Stopping CMS Instances
311
Starting Certificate Management System
312
Required Start-Up Information
312
Configuring the Server to Start Without the Single Sign-On Password
313
Configuring the Server to Read the Single Sign-On Password from a File
314
Starting from Netscape Console
317
Starting from the Command Line
318
Starting from the Windows NT Services Panel
319
Stopping Certificate Management System
320
Stopping from Netscape Console
320
Stopping from the Command Line
321
Stopping from the Windows NT Services Panel
322
Restarting Certificate Management System
322
Restarting from the CMS Window
322
Restarting from the Command Line
323
Checking System Status
324
Attending to an Unresponsive Server
325
CMS Watchdog Process
325
Password Cache
326
Password-Quality Checker
327
Part 3 Configuration
329
Chapter 9 Administration Tasks and Tools
331
Netscape Console
332
Console Tab
332
Users and Groups Tab
333
Netscape Administration Server
334
Starting Administration Server
335
Shutting down Administration Server
336
Logging in to Netscape Console
336
The CMS Window
338
Tasks Tab
339
Configuration Tab
339
Status Tab
342
Logging in to the CMS Window
343
Chapter 10 CMS Configuration
345
Effects of Installation Type on Configuration
345
Duplicating Configuration from One Instance to Another
347
Locating the Configuration File
348
Modifying the Configuration
349
Changing the Configuration from the CMS Window
349
Changing the Configuration by Editing the Configuration File
349
Guidelines for Editing the Configuration File
350
Sample Configuration File
353
Road Map to Configuring Subsystems
366
Step 1. Check Which Subsystems Are Installed in the Instance
366
Step 2. Check the Port Numbers
366
Step 3. Verify Key Pair and Certificates
366
Step 4. Set up Privileged Users
367
Step 5. Customize End-Entity and Agent Forms
367
Step 6. Setup Authentication for End Users
367
Step 7: Enable Event-Driven Notifications
368
Step 8. Schedule Jobs
368
Step 9. Set up Policies
368
Step 10. Set up Publishing
369
Step 11. Set up Key Archival and Recovery
369
Step 12. Set up Logging
369
Step 13. Plan for Backing up CMS Configuration and Data
370
Chapter 11 Setting up Ports
371
CMS Ports
371
Remote Administration Port
372
Agent Port
373
End-Entity Ports
373
Configuring Port Numbers
374
Step 1. Specify the Port Number
374
Step 2: Specify IP Addresses
377
Chapter 12 Setting up Internal Database
379
Internal Database
379
Configuring the Internal Database
380
Step 1. Identify the Directory Server Instance
381
Step 2. Restrict Access to the Internal Database
382
Chapter 13 Managing Privileged Users and Groups
385
Privileged-User Types and Responsibilities
386
Administrators
386
Agents
387
Agent's Certificate for SSL Client Authentication
389
Revocation Status Checking of Agent Certificates
392
Trusted Managers
394
Subsystems that Can Function as Trusted Managers
395
Connectors for Linking Trusted Managers
396
Trusted Manager's Certificate for SSL Client Authentication
397
Groups and Their Privileges
398
Group for Administrators
399
Groups for Agents
400
Group for Certificate Manager Agents
400
Group for Registration Manager Agents
400
Group for Data Recovery Manager Agents
401
Group for Online Certificate Status Manager Agents
401
Group for Trusted Managers
402
Setting up Privileged Users
403
Setting up Administrators
403
Step 1. Find the Required Information
403
Step 2. Add the Information to the Internal Database
403
Setting up Agents
406
Setting up Agents Using the Automated Process
406
Setting up Agents Using the Manual Process
407
Setting up Trusted Managers
413
Setting up Trusted Managers Using the Automated Process
413
Setting up a Registration Manager as a Trusted Manager
414
Setting up a Certificate Manager as a Trusted Manager
422
Changing Privileged-User Information
429
Changing a Privileged User's Login Information
429
Changing a Privileged User's Certificate
430
Changing Members in a Group
431
Deleting a Privileged User
432
Chapter 14 Managing CMS Keys and Certificates
435
Keys and Certificates for the Main Subsystems
436
Certificate Manager's Key Pairs and Certificates
437
CA Signing Key Pair and Certificate
437
OCSP Signing Key Pair and Certificate
438
Wtls CA Signing Certificate
438
CRL Signing Key Pair and Certificate
439
SSL Server Key Pair and Certificate
441
Remote Administration Server Certificate
443
Registration Manager's Key Pairs and Certificates
445
Signing Key Pair and Certificate
445
SSL Server Key Pair and Certificate
445
Remote Administration Server Certificate
446
Data Recovery Manager's Key Pairs and Certificates
446
Transport Key Pair and Certificate
447
Storage Key Pair
447
SSL Server Key Pair and Certificate
448
Remote Administration Server Certificate
448
Online Certificate Status Manager's Key Pairs and Certificates
449
OCSP Signing Key Pair and Certificate
449
SSL Server Key Pair and Certificate
449
Remote Administration Server Certificate
450
Tokens for Storing CMS Keys and Certificates
450
Internal Token
451
External Token
451
Installing External Tokens
451
Managing Tokens Used by the Subsystems
454
Viewing Tokens
454
Changing a Token's Password
455
Hardware Cryptographic Accelerators
455
Certificate Setup Wizard
456
Using the Wizard to Request a Certificate
457
Step 1. Select the Operation
457
Step 2. Choose the Certificate
458
Step 3. Specify the Key-Pair Information
460
Step 4. Specify the Subject Name for the Certificate
462
Step 5. Specify the Validity Period
463
Step 6. Specify Extensions
464
Step 7. Copy the Certificate Signing Request
466
Step 8. Check the Certificate Request Status
470
Using the Wizard to Install a Certificate or Certificate Chain
471
Data Formats for Installing Certificates and Certificate Chains
472
Step 1. Select the Operation
473
Step 2. Select the Certificate or Certificate Chain
474
Step 3. Specify the Location of the Certificate
475
Step 4. View the Certificate or Certificate Chain
477
Step 5. Install the Certificate or Certificate Chain
477
Step 6. Verify the Certificate Status
478
Configuring the Server's Security Preferences
478
Configuring the Server to Use Separate SSL Server Certificates
478
Step 1. Get the Required SSL Server Certificates
479
Step 2: Update the Configuration
479
Getting an SSL Client Certificate for a Subsystem
480
Setting up Cipher Preferences for SSL Communications
482
SSL Ciphers Supported in Certificate Management System
482
Configuring the Server to Use Specific Ciphers
484
Getting New Certificates for the Subsystems
485
Step 1. Plan for the New Certificate
486
Step 2. Request the New Certificate
489
Step 3. Install the New Certificate
489
Deploying Certificate Manager's CA Signing Certificate
490
Step 4. Deploy the New Certificate
490
Deploying Registration Manager's Signing Certificate
491
Deploying Data Recovery Manager's Transport Certificate
492
Deploying a Subsystem's SSL Server Certificate
493
Renewing Certificates for the Subsystems
494
Step 1. Plan for Certificate Renewal
495
Step 2. Renew the Existing Certificate
496
Step 3. Install the Renewed Certificate
497
Step 4. Deploy the Renewed Certificate
497
Deploying Certificate Manager's Renewed CA Signing Certificate
498
Deploying Registration Manager's Renewed Signing Certificate
498
Deploying Data Recovery Manager's Renewed Transport Certificate
499
Deploying a Subsystem's Renewed SSL Server Certificate
501
Step 5. Restart the Server
501
Managing the Certificate Database
502
Viewing the Certificate Database Content
502
Deleting a Certificate from the Certificate Database
504
Changing the Trust Settings of a CA Certificate
505
Installing a New CA Certificate in the Certificate Database
507
Installing a CA Certificate Chain in the Certificate Database
508
Chapter 15 Setting up End-User Authentication
509
Introduction to Authentication
509
Privileged-User Authentication
510
Authentication of Administrators
510
Authentication of Agents
512
End-Entity Authentication
515
Authentication of End Entities During Certificate Enrollment
515
Authentication of End Users During Certificate Renewal
515
Authentication of End Users During Certificate Revocation
517
Configuring Authentication for End-User Enrollment
521
Step 1. before You Begin
522
Step 2. Set up the Directory for PIN-Based Enrollment
523
Step A. Check the Directory for User Entries
523
Step B. Update the Directory
524
Step C. Prepare the Input File
525
Step D. Run the Command Without the Write Option
525
Step E. Check the Output File
526
Step F. Run the Command Again with the Write Option
526
Step 3. Enable the Attributepresentconstraints Policy
526
Step 4: Add an Authentication Instance
529
Step 5. Set up the Enrollment Interface
534
Step A. Associate the Authentication Instance with the Enrollment Form
534
Step B. Customize the Form
535
Step C. Hook up the Certificate-Based Enrollment Form
535
Step D. Remove Unwanted Enrollment Options
538
Step 6. Enable End-Entity Interaction
539
Enabling End-Entity Interaction with a Certificate Manager
539
Enabling End-Entity Interaction with a Registration Manager
541
Step 7. Turn on Automated Notification
542
Step 8. Test Your Authentication Setup
542
Step 9. Deliver Pins to End Users
544
Managing Authentication Instances
544
Deleting an Authentication Instance
544
Modifying an Authentication Instance
545
Managing Authentication Plug-In Modules
547
Registering an Authentication Module
547
Deleting an Authentication Module
549
Advertisement
Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 Manual (377 pages)
Brand:
Netscape
| Category:
Software
| Size: 3.08 MB
Table of Contents
Table of Contents
3
About this Guide
11
What's in this Guide
11
What You Should Already Know
13
Conventions Used in this Guide
14
Where to Go for Related Information
15
Chapter 1 Authentication Plug-In Modules
19
Overview of Authentication Modules
20
Manual Authentication
23
Uidpwddirauth Plug-In Module
24
Configuration Parameters of Uidpwddirauth
26
Uidpwdpindirauth Plug-In Module
30
Configuration Parameters of Uidpwdpindirauth
31
Nisauth Plug-In Module
37
Configuration Parameters of Nisauth
39
Portalenroll Plug-In Module
44
Configuration Parameters of Portalauth
47
Certificate-Based Enrollment
52
Enrollment Forms
55
Customizing Enrollment Forms for Generating DSA Key Pairs
60
Generating Files Required by Third-Party Object Signing Tools
61
Chapter 2 Job Plug-In Modules
65
Overview of Job Plug-In Modules
65
Renewalnotificationjob Plug-In Module
67
Configuration Parameters of Renewalnotificationjob
68
Requestinqjob Plug-In Module
71
Configuration Parameters of Requestinqjob
72
Unpublishexpiredjob Plug-In Module
74
Configuration Parameters of Unpublishexpiredjob
76
Schedule for Executing Jobs
78
Customizing Notification Messages
79
Templates for Summary Notifications
79
Customizing Message Templates
81
Tokens Available in Message Templates
81
Tokens for Renewal Notification Messages
81
Tokens for Request in Queue Notification Messages
83
Tokens for Directory Update Notification Messages
83
Chapter 3 Constraints Policy Plug-In Modules
85
Overview of Constraints-Specific Policy Modules
86
Attributepresentconstraints Plug-In Module
88
Configuration Parameters of Attributepresentconstraints
89
Dsakeyconstraints Plug-In Module
93
Configuration Parameters of Dsakeyconstraints
94
Dsakeyrule Rule
96
Issuerconstraints Plug-In Module
96
Configuration Parameters of Issuerconstraints
97
Issuerrule Rule
98
Keyalgorithmconstraints Plug-In Module
99
Configuration Parameters of Keyalgorithmconstraints
99
Keyalgrule Rule
101
Renewalconstraints Plug-In Module
101
Configuration Parameters of Renewalconstraints
102
Renewalconstraintsrule Rule
103
Renewalvalidityconstraints Plug-In Module
104
Configuration Parameters of Renewalvalidityconstraints
105
Defaultrenewalvalidityrule Rule
107
Revocationconstraints Plug-In Module
108
Configuration Parameters of Revocationconstraints
108
Revocationconstraintsrule Rule
109
Rsakeyconstraints Plug-In Module
110
Configuration Parameters of Rsakeyconstraints
110
Rsakeyrule Rule
112
Signingalgorithmconstraints Plug-In Module
113
Configuration Parameters of Signingalgorithmconstraints
114
Signingalgrule Rule
116
Subcanameconstraints Plug-In Module
116
Configuration Parameters of Subcanameconstraints
117
Subcanameconstraints Rule
118
Uniquesubjectnameconstraints Plug-In Module
119
Configuration Parameters of Uniquesubjectnameconstraints
119
Uniquesubjectnameconstraints Rule
122
Validityconstraints Plug-In Module
122
Configuration Parameters of Validityconstraints
124
Defaultvalidityrule Rule
127
Chapter 4 Certificate Extension Plug-In Modules
129
Overview of Extension-Specific Policy Modules
130
Authinfoaccessext Plug-In Module
134
Configuration Parameters of Authinfoaccessext
136
Authinfoaccessext Rule
141
Authoritykeyidentifierext Plug-In Module
142
Configuration Parameters of Authoritykeyidentifierext
143
Authoritykeyidentifierext Rule
145
Basicconstraintsext Plug-In Module
145
Configuration Parameters of Basicconstraintsext
146
Basicconstraintsext Rule
148
Certificatepoliciesext Plug-In Module
149
Configuration Parameters of Certificatepoliciesext
150
Certificatepoliciesext Rule
153
Certificaterenewalwindowext Plug-In Module
154
Configuration Parameters of Certificaterenewalwindowext
155
Certificatescopeofuseext Plug-In Module
159
Configuration Parameters of Certificatescopeofuseext
160
Crldistributionpointsext Plug-In Module
164
Configuration Parameters of Crldistributionpointsext
164
Crldistributionpointsext Rule
168
Extendedkeyusageext Plug-In Module
169
Configuration Parameters of Extendedkeyusageext
171
Codesigningext Rule
173
Ocspsigningext Rule
174
Genericasn1Ext Plug-In Module
175
Configuration Parameters of Genericasn1Ext
177
Genericasn1Ext Rule
182
Issueraltnameext Plug-In Module
182
Configuration Parameters of Issueraltnameext
183
Keyusageext Plug-In Module
187
Configuration Parameters of Keyusageext
189
Cmcertkeyusageext Rule
194
Rmcertkeyusageext Rule
195
Servercertkeyusageext Rule
196
Clientcertkeyusageext Rule
197
Objsigncertkeyusageext Rule
199
Crlsigncertkeyusageext
200
Nameconstraintsext Plug-In Module
200
Configuration Parameters of Nameconstraintsext
201
Nameconstraintsext Rule
208
Nsccommentext Plug-In Module
209
Configuration Parameters of Nsccommentext
210
Nsccommentext Rule
212
Nscerttypeext Plug-In Module
213
Configuration Parameters of Nscerttypeext
216
Nscerttypeext Rule
218
Ocspnocheckext Plug-In Module
218
Configuration Parameters of Ocspnocheckext
220
Ocspnocheckext Rule
221
Policyconstraintsext Plug-In Module
222
Configuration Parameters of Policyconstraintsext
222
Policyconstraintsext Rule
225
Policymappingsext Plug-In Module
225
Configuration Parameters of Policymappingsext
226
Policymappingsext Rule
229
Privatekeyusageperiodext Plug-In Module
229
Configuration Parameters of Privatekeyusageperiodext
230
Removebasicconstraintsext Plug-In Module
231
Configuration Parameters of Removebasicconstraintsext
232
Subjectaltnameext Plug-In Module
233
Configuration Parameters of Subjectaltnameext
235
Subjectaltnameext Rule
238
Subjectdirectoryattributesext Plug-In Module
239
Configuration Parameters of Subjectdirectoryattributesext
240
Subjectkeyidentifierext Plug-In Module
243
Configuration Parameters of Subjectkeyidentifierext
244
Subjectkeyidentifierext Rule
246
Chapter 5 Mapper Plug-In Modules
249
Overview of Mapper Modules
250
Ldapcasimplemap Plug-In Module
253
Configuration Parameters of Ldapcasimplemap
254
Ldapcacertmap Mapper
256
Ldapcrlmap Mapper
257
Ldapdncompsmap Plug-In Module
257
Configuration Parameters of Ldapdncompsmap
260
Ldapdnexactmap Plug-In Module
262
Configuration Parameters of Ldapdnexactmap
263
Ldapsimplemap Plug-In Module
263
Configuration Parameters of Ldapsimplemap
264
Ldapusercertmap Mapper
265
Ldapsubjattrmap Plug-In Module
266
Configuration Parameters of Ldapsubjattrmap
266
Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 Manual (176 pages)
Brand:
Netscape
| Category:
Software
| Size: 1.28 MB
Table of Contents
Table of Contents
3
About this Guide
9
What's in this Guide
9
What You Should Already Know
9
Conventions Used in this Guide
10
Where to Go for Related Information
12
Chapter 1 Before You Begin
15
What You Need to Know to Change Forms
15
HTTP, Query Urls, and HTML Forms
16
Javascript
16
How the Forms Work
16
Requests Sent to the CMS Server
17
Responses and Output Templates
17
Errors and the Error Template
19
Javascript Used by All Interfaces
20
Part 1 Customizing End-Entity Services Interface
25
Chapter 2 Introduction to End-Entity Services Interface
27
End-Entity Services Interface
27
How Client Type Determines the End-Entity Interface
29
Certificate Request Formats Specific to End Entities
29
Accessing the End-Entity Services Interface
31
End-Entity Forms and Templates
31
Locating End-Entity Forms and Templates
31
Forms for Certificate Enrollment
32
Forms for Certificate Renewal
33
Forms for Certificate Revocation
34
Forms for Certificate Retrieval
34
Forms for Key Recovery
35
Other Forms
35
Output Templates for End-Entity Interfaces
36
Chapter 3 End-Entity Interface Reference
39
Overview of End-Entity Interfaces
40
Certificate Enrollment Protocol Interface
41
Description
41
Default Forms
41
Request Parameters
41
Challenge Revocation Interface
42
Description
42
Default Forms
42
Request Parameters
42
Response
44
Display Certificate by Serial Number Interface
44
Description
44
Default Forms
44
Request Parameters
44
Response
45
Display Certificate from Request Interface
46
Description
46
Default Forms
46
Request Parameters
47
Response
47
Enrollment Interface
49
Description
49
Default Forms
50
Request Parameters
51
Response
55
Get CA Chain Interface
59
Description
59
Default Forms
60
Request Parameters
60
Response
61
Get Certificate by Serial Number Interface
61
Description
61
Default Forms
62
Request Parameters
62
Response
63
Get Certificate from Request Interface
65
Description
65
Default Forms
66
Request Parameters
66
Response
67
Get CRL Interface
69
Description
69
Default Forms
70
Request Parameters
70
Response
71
List Certificates Interface
72
Description
72
Default Forms
73
Request Parameters
73
Response
78
Renewal Interface
80
Description
80
Default Forms
81
Request Parameters
81
Response
81
Revocation Interface
82
Description
82
Default Forms
82
Request Parameters
82
Response
85
Chapter 4 Internationalization of End-Entity Interface
87
Displaying Forms in Non-English Languages
87
Part 2 Customizing Agent Services Interface
91
Chapter 5 Introduction to Agent Services Interface
93
Agent Services Interface
93
Certificate Manager Agent Services
94
Registration Manager Agent Services
95
Data Recovery Manager Agent Services
96
Accessing the Agent Services Interface
96
Agent Forms and Templates
97
Structure of the Agent Services Interface
97
Locating Agent Forms and Templates
98
Advertisement
Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 Manual (153 pages)
Command-line tools guide
Brand:
Netscape
| Category:
Software
| Size: 0.91 MB
Table of Contents
Table of Contents
3
About this Guide
9
What You Should Already Know
9
What's in this Guide
10
Conventions Used in this Guide
11
Where to Go for Related Information
13
Chapter 1 Command-Line Tools
15
Chapter 2 Password Cache Utility
19
Location
19
Syntax
20
Usage
20
Changing the Single Sign-On Password
21
Listing the Contents of the Password Cache
21
Adding a New Entry to the Password Cache
22
Changing the Password of an Entry in the Password Cache
22
Deleting an Entry from the Password Cache
23
Creating a New Password Cache
24
Chapter 3 Kill Process Tool
25
Location
25
Syntax
25
Usage
26
Chapter 4 PIN Generator Tool
27
Locating the PIN Generator Tool
27
The Setpin Command
28
Command-Line Syntax
28
Arguments
28
Example
32
How the Tool Works
32
Input File
35
Output File
36
How Pins Are Stored in the Directory
37
Exit Codes
38
Chapter 5 Extension Joiner Tool
39
Location
40
Syntax
40
Usage
40
Chapter 6 Backing up and Restoring Data
43
Backup and Restore Tools
43
Backing up Data
44
What the Backup Tool Does
44
What the Backup Tool Does Not Do
46
Running the Backup Tool
47
After You Finish a Backup
48
Restoring Data
49
Before You Restore Data
49
Running the Restore Tool
50
Chapter 7 ASCII to Binary Tool
53
Availability
53
Syntax
53
Example
54
Chapter 8 Binary to ASCII Tool
55
Availability
55
Syntax
55
Example
56
Chapter 9 Pretty Print Certificate Tool
57
Availability
57
Syntax
57
Example
58
Chapter 10 Pretty Print CRL Tool
61
Availability
61
Syntax
61
Example
62
Chapter 11 Certificate Database Tool
65
Availability
65
Syntax
66
Options and Arguments
66
Usage
70
Examples
71
Creating a New Certificate Database
71
Listing Certificates in a Database
72
Creating a Certificate Request
72
Creating a Certificate
73
Adding a Certificate to the Database
73
Validating a Certificate
74
Chapter 12 Key Database Tool
77
Availability
77
Syntax
78
Options and Arguments
78
Usage
80
Examples
81
Creating a Key Database
81
Generating a New Key
82
Displaying Public Key Information
83
Listing Key Ids
83
Deleting a Private Key
84
Chapter 13 Netscape Signing Tool
85
Introduction to Netscape Signing Tool
85
What Is Netscape Signing Tool
86
JAR Format and JAR Archives
87
What Signing a File Means
88
Object-Signing Certificates
88
Using Netscape Signing Tool
89
Getting Ready to Use Netscape Signing Tool
90
Setting up Your Certificate
90
Listing Available Certificates
91
Signing a File
92
Using Netscape Signing Tool with a ZIP Utility
93
Tips and Techniques
93
Signtool Syntax and Options
95
Command Syntax
95
Command Options
95
Command File Syntax
100
Command File Keywords and Example
100
Generating Test Object-Signing Certificates
102
Generating the Keys and Certificate
102
Using Netscape Signing Tool with Smart Cards
104
What Is a Smart Card
104
Setting up a Smart Card
104
Using the -M Option to List Smart Cards
106
Using Netscape Signing Tool and a Smart Card to Sign Files
106
Netscape Signing Tool and FIPS-140-1
107
Using FIPS-140 Mode
107
Verifying FIPS Mode
108
Answers to Common Questions
109
Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 Manual (85 pages)
Brand:
Netscape
| Category:
Software
| Size: 0.77 MB
Table of Contents
Table of Contents
3
About this Guide
5
What You Should Already Know
5
What's in this Guide
6
Conventions Used in this Guide
7
Where to Go for Related Information
8
Chapter 1 Agent Services
11
Overview of Certificate Management System
11
Agent Tasks
15
Certificate Manager Agent Services
15
Registration Manager Agent Services
17
Data Recovery Manager Agent Services
18
Online Certificate Status Manager Agent Services
19
Forms for Performing Agent Operations
20
Accessing Agent Services
23
Administrator/Agent Certificate Enrollment
23
Agent Services Entry Page
26
Services Summary Page
27
Chapter 2 Handling Certificate Requests
29
Managing Requests
29
Listing Certificate Requests
32
Selecting a Request
34
Approving Requests
35
Assigning a Request
36
Adjusting, Verifying, and Approving a Request
36
Sending an Issued Certificate to the Requester
40
Other Options for Handling Requests
43
Chapter 3 Finding and Revoking Certificates
45
Basic Certificate Listing
45
Advanced Certificate Search
47
Examining Certificates
52
Revoking Certificates
53
Searching for Certificates to Revoke
53
Revoking One or more Certificates
54
Revoking One Certificate
54
Revoking Multiple Certificates
55
Confirming a Revocation
55
Managing the Certificate Revocation List
57
Viewing or Examining Crls
57
Updating the CRL
58
Chapter 4 Publishing to a Directory
61
Working with a Directory Server
61
Automatic Directory Updates
61
Manual Directory Updates
62
Updating the Directory with Changes
62
Chapter 5 Recovering Encrypted Data
65
Finding and Recovering Keys
65
Finding Archived Keys
66
Selecting a Key
68
Recovering Keys
69
Remote Recovery Authorization
71
Viewing Key Service Requests
72
Listing Key Service Requests
73
Selecting a Request
75
Advertisement
Related Products
Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN
Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - COMMAND-LINE
Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - AGENT GUIDE
Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
Netscape Categories
Server
Software
Gateway
More Netscape Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL