Setting Up Privileged Users406 Netscape Certificate Management System Installation and Setup Guide • May 2002Setting Up a Certificate Manager as a Trusted ManagerYou can set up a Certificate Manager to function as a trusted manager to a remoteData Recovery Manager. The setup process involves the following steps:• Step 1. Find the Required Information• Step 2. Create a User Entry for the Certificate Manager• Step 3. Copy the Certificate Manager’s Certificate to the Internal Database• Step 4. Check the Certificate Database for the CA Certificate• Step 5. Configure Certificate Manager’s Connector SettingsStep 1. Find the Required InformationBefore setting up a Certificate Manager to function as a trusted manager to a DataRecovery Manager:• Note identifying information, such as the instance ID and host name of theCertificate Manager.• Make sure that the Certificate Manager has the certificate you want it to use forSSL client authentication to the Data Recovery Manager that will trust it; bydefault, the Certificate Manager uses its SSL server certificate for this purpose.The certificate must be currently valid; the certificate must not have expired,been revoked, or been signed by an authority untrusted by the subsystem. Fordetails, see “Trusted Manager’s Certificate for SSL Client Authentication” onpage 383.• Locate the certificate in base-64 encoded format. Copy the certificate, includingthe -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----marker lines, to a text file.• Identify the Data Recovery Manager to which you want to connect theCertificate Manager. Note details, such as the host name and port number ofthat Data Recovery Manager.Step 2. Create a User Entry for the Certificate ManagerIn this step, you create a privileged-user entry for the Certificate Manager in theinternal database of the Data Recovery Manager. As a part of creating this entry,you also add the user entry to the Trusted Managers group in order to give theentry access privileges to the agent port of the Data Recovery Manager.