Signed Audit Log280 Netscape Certificate Management System Administrator’s Guide • February 2003Setting Up Signed Audit LogsTo set up signed audit logs:1. Set up the certificate profiles caAuditCert and raAuditCert. See “Setting UpCertificate Profiles,” on page 434 for information about setting up certificateprofiles. See Chapter 10, “Certificate Profiles” for general information aboutcertificate profiles.2. Approve the caAuditCert and raAuditCert certificate profiles by approvingthem in the agent services interface, thus enabling them.If the request for this certificate is received in the end-entity interface of aCertificate Manager, enable the caAuditCert profile in that CertificateManager.If the request for this certificate is received in the end-entity interface of aRegistration Manager, enable the raAuditCert profile in that RegistrationManager and enable the raAuditCert profile in that Certified Manager thatprocesses the requests of that Registration Manager.AUTH_FAIL A CMS user does not successfully authenticate.AUTH_SUCCESS A CMS user does successfully authenticate.CERT_PROFILE_APPROVAL A certificate profile sent by an administrator isapproved by an agent.PROOF_OF_POSSESSION When proof of possession is checked duringcertificate enrollment.CRL_RETRIEVAL When a CRL is retrieved by the OCSP ResponderCRL_VALIDATION When a CRL is retrieved and validation processoccurs.CMC_SIGNED_REQUEST_SIG_VERIFYUsed when CMC (agent-pre-signed) cert requestsor revocation requests are submitted and signatureis verified.AUDIT_LOG_SIGNING The audit buffer is signed and flushed to disk.Table 7-3 Signed-Audit Log EventsLogging Event Type of Log Messages are Generated
