UidPwdDirAuth Plug-in Module24 Netscape Certificate Management System Plug-ins Guide • October 2001These are the steps shown in Figure 1-2:1. In the manual enrollment form, the end entity enters the information needed torequest a certificate and submits the request to the server.2. When the server receives the request, it automatically lists the request in acertificate request queue for an agent to process.3. An agent verifies the authenticity of the request.m If the request is from a valid end entity, the agent verifies that all theinformation the end entity has provided in the request is correct, makesrequired modifications, if any, and approves the certificate request forissuance.m If the request is from an invalid end entity, the agent rejects the request,which in turn triggers a rejection notification to the end entity.4. When the server receives the agent-approved request, it subjects it to policyprocessing. For details, see Chapter 18, “Setting Up Policies” of CMSInstallation and Setup Guide.m If the request fails any of the configured policies, the server rejects therequest, logs an error message, and sends a rejection notification to the endentity.m If the request passes all the configured policies, the server issues thecertificate.The certificate is delivered to the email address specified in the certificaterequest.UidPwdDirAuth Plug-in ModuleThe UidPwdDirAuth plug-in module implements the directory-basedauthentication method. You can use this module for authenticating end users,provided their information is stored in an LDAP directory, during certificateenrollment.Here’s how the enrollment method works: as part of configuring a CertificateManager and a Registration Manager, or both, for authentication, you specify anLDAP directory that the server must use to authenticate end users. End users enrollfor a certificate by entering their user IDs and passwords for this authentication