Overview of Authentication Modules18 Netscape Certificate Management System Plug-Ins Guide • March 2002Overview of Authentication ModulesCertificate Management System supports both manual and automated certificateissuance.• In the manual method of certificate issuance, end entities supply most of theinformation required by the server to formulate certificate requests and issuecertificates. Manual issuance is also dependent on human agents; it requiresthat all end-entity certificate requests be approved by agents before the servercan process the requests. To understand the role of an agent in your PKI, seesection “Agents” in Chapter 13, Managing Privileged Users and Groups” ofCMS Installation and Setup Guide.• In the automated method of certificate issuance, repositories, such asdirectories, supply part of the end-entity information. End entities only supplycertain information—for example, a user ID and password—contained in therepository during certificate enrollment. The server uses this information forauthenticating end entities before retrieving information required to formulatethe certificate request from the repository.For details on the manual method of certificate issuance, see “ManualAuthentication” on page 21. For the automated method of certificate issuance,Certificate Management System provides a set of plug-in modules. Plug-inmodules are implemented as Java classes and are registered in the CMSauthentication framework. The Authentication Plugin Registration tab of the CMSwindow (see Figure 1-1) lists all the modules and the corresponding classes that arecurrently registered with a CMS instance.Figure 1-1 Default authentication modules for end-user enrollment