Manuals database logo
manualsdatabase
Your AI-powered manual search engine

Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 manuals

NETSCAPE MANAGEMENT SYSTEM 4.5 first page preview

NETSCAPE MANAGEMENT SYSTEM 4.5

Brand: Netscape | Category: Software
Table of contents
  1. Table Of Contents
  2. Table Of Contents
  3. Table Of Contents
  4. Table Of Contents
  5. Table Of Contents
  6. About This Guide
  7. What's in This Guide
  8. Conventions Used in This Guide
  9. Where to Go for Related Information
  10. Syntax
  11. Changing the Single Sign-On Password
  12. Adding a New Entry to the Password Cache
  13. Deleting an Entry From the Password Cache
  14. Creating a New Password Cache
  15. Location
  16. Usage
  17. Locating the PIN Generator Tool
  18. The setpin Command
  19. Example
  20. Input File
  21. Output File
  22. How PINs Are Stored in the Directory
  23. Exit Codes
  25. Chapter 5 Extension Joiner Tool
  26. Backing Up Data
  27. What the Backup Tool Does Not Do
  28. Running the Backup Tool
  29. After You Finish a Backup
  30. Restoring Data
  31. Running the Restore Tool
  34. Availability
  41. Options and Arguments
  43. Examples
  44. Listing Certificates in a Database
  45. Creating a Certificate
  46. Validating a Certificate
  50. Creating a Key Database
  51. Generating a New Key
  52. Displaying Public Key Information
  53. Introduction to Netscape Signing Tool
  54. What Is Netscape Signing Tool
  55. JAR Format and JAR Archives
  56. What Signing a File Means
  57. Using Netscape Signing Tool
  58. Getting Ready to Use Netscape Signing Tool
  59. Listing Available Certificates
  60. Signing a File
  61. Using Netscape Signing Tool with a ZIP Utility
  62. SignTool Syntax and Options
  63. Command File Syntax
  64. Generating Test Object-Signing Certificates
  65. Using Netscape Signing Tool with Smart Cards
  66. Using the -M Option to List Smart Cards
  67. Netscape Signing Tool and FIPS-140-1
  68. Verifying FIPS Mode
  69. Answers to Common Questions
  70. Description
  71. Options
  73. Example 1
  74. Example 2
  75. Example 3
  76. Example 4
  77. Usage Tips
  80. Restricting Ciphers
  86. JAR Installation File
  87. Script Grammar
  88. Keys
  89. Per-Platform Keys
  90. Per-File Keys
  92. Creating Database Files
  93. Setting a Default Provider
  94. Enabling a Slot
  95. Adding a Cryptographic Module
NETSCAPE MANAGEMENT SYSTEM 4.5 first page preview

NETSCAPE MANAGEMENT SYSTEM 4.5

Brand: Netscape | Category: Software
Table of contents
  1. Table Of Contents
  2. Table Of Contents
  3. Table Of Contents
  4. Table Of Contents
  5. Table Of Contents
  6. Table Of Contents
  7. About This Guide
  8. Conventions Used in This Guide
  9. Where to Go for Related Information
  10. What You Need to Know to Change Forms
  11. HTTP, Query URLs, and HTML Forms
  12. Requests Sent to the CMS server
  13. Errors and the Error Template
  14. JavaScript Used By All Interfaces
  15. Part 1 Customizing End-Entity Services Interface
  16. How Client Type Determines the End-Entity Interface
  17. Accessing the End-Entity Services Interface
  18. Forms for Certificate Enrollment
  19. Forms for Certificate Renewal
  20. Forms for Certificate Revocation
  21. Forms for Key Recovery
  22. Output Templates for End-Entity Interfaces
  23. Overview of End-Entity Interfaces
  24. Certificate Enrollment Protocol Interface
  25. Challenge Revocation Interface
  26. Response
  28. Display Certificate From Request Interface
  29. Request Parameters
  30. Enrollment Interface
  31. Default Forms
  34. Get CA Chain Interface
  36. Get Certificate By Serial Number Interface
  39. Get Certificate From Request Interface
  42. Get CRL Interface
  45. List Certificates Interface
  48. Renewal Interface
  50. Revocation Interface
  52. Chapter 4 Internationalization of End-Entity Interface
  53. Part 2 Customizing Agent Services Interface
  54. Agent Services Interface
  55. Certificate Manager Agent Services
  56. Registration Manager Agent Services
  57. Data Recovery Manager Agent Services
  58. Agent Forms and Templates
  59. Locating Agent Forms and Templates
  60. Overview of Agent Interfaces
  61. Approve Revocation Interface
  64. Bulk Enrollment Interface
  65. Configuration Parameters
  68. Display Key By Serial Number Interface
  70. Display Key For Recovery Interface
  72. Examine Recovery Interface
  74. Get Approval Status Interface
  77. Get PKCS #12 Data Interface
  78. Grant Recovery Interface
  80. Key Query Interface
  83. Key Recovery Query Interface
  86. Process Certificate Request Interface
  89. Process DRM Request Interface
  91. Process Request Interface
  93. Recover Key By Serial Number Interface
  96. Remove Certificate Hold Interface
  98. Requests Query Interface
  101. Select for Revocation Interface
  104. Update CRL Interface
  106. Update Directory Interface
NETSCAPE MANAGEMENT SYSTEM 4.5 first page preview

NETSCAPE MANAGEMENT SYSTEM 4.5

Brand: Netscape | Category: Software
Table of contents
  1. Table Of Contents
  2. Table Of Contents
  3. About This Guide
  4. What's in This Guide
  5. Conventions Used in This Guide
  6. Where to Go for Related Information
  7. Chapter 1 Agent Services
  8. Agent Tasks
  9. Registration Manager Agent Services
  10. Data Recovery Manager Agent Services
  11. Online Certificate Status Manager Agent Services
  12. Forms for Performing Agent Operations
  13. Accessing Agent Services
  14. Agent Services Entry Page
  15. Services Summary Page
  16. Listing Certificate Requests
  17. Selecting a Request
  18. Approving Requests
  19. Assigning a Request
  20. Sending an Issued Certificate to the Requester
  21. Other Options for Handling Requests
  22. Basic Certificate Listing
  23. Advanced Certificate Search
  24. Examining Certificates
  25. Revoking Certificates
  26. Revoking One or More Certificates
  27. Revoking Multiple Certificates
  28. Managing the Certificate Revocation List
  29. Updating the CRL
  30. Working with a Directory Server
  31. Manual Directory Updates
  32. Finding Archived Keys
  33. Selecting a Key
  34. Recovering Keys
  35. Remote Recovery Authorization
  36. Viewing Key Service Requests
  37. Listing Key Service Requests
  39. Identifying a CA to Online Certificate Status Manager
  40. Adding a CRL to Online Certificate Status Manager
  41. Checking the Revocation Status of a Certificate
NETSCAPE MANAGEMENT SYSTEM 4.5 first page preview

NETSCAPE MANAGEMENT SYSTEM 4.5

Brand: Netscape | Category: Software
Table of contents
  1. Table Of Contents
  2. Table Of Contents
  3. Table Of Contents
  4. Table Of Contents
  5. Table Of Contents
  6. Table Of Contents
  7. Table Of Contents
  8. About This Guide
  9. What You Should Already Know
  10. Conventions Used in This Guide
  11. Where to Go for Related Information
  12. Overview of Authentication Modules
  13. Manual Authentication
  14. UidPwdDirAuth Plug-in Module
  15. Configuration Parameters of UidPwdDirAuth
  16. UidPwdPinDirAuth Plug-in Module
  17. Configuration Parameters of UidPwdPinDirAuth
  18. NISAuth Plug-in Module
  19. Configuration Parameters of NISAuth
  20. PortalEnroll Plug-in Module
  21. Configuration Parameters of PortalAuth
  22. Certificate-Based Enrollment
  23. Enrollment Forms
  24. Customizing Enrollment Forms for Generating DSA Key Pairs
  25. Generating Files Required By Third-Party Object Signing Tools
  26. RenewalNotificationJob Plug-in Module
  27. Configuration Parameters of RenewalNotificationJob
  28. RequestInQJob Plug-in Module
  29. Configuration Parameters of RequestInQJob
  30. UnpublishExpiredJob Plug-in Module
  31. Configuration Parameters of UnpublishExpiredJob
  32. Schedule for Executing Jobs
  33. Customizing Notification Messages
  34. Customizing Message Templates
  35. Tokens for Request In Queue Notification Messages
  36. Overview of Constraints-Specific Policy Modules
  37. AttributePresentConstraints Plug-in Module
  38. Configuration Parameters of AttributePresentConstraints
  39. DSAKeyConstraints Plug-in Module
  40. Configuration Parameters of DSAKeyConstraints
  41. DSAKeyRule Rule
  42. Configuration Parameters of IssuerConstraints
  43. IssuerRule Rule
  44. KeyAlgorithmConstraints Plug-in Module
  45. KeyAlgRule Rule
  46. Configuration Parameters of RenewalConstraints
  47. RenewalConstraintsRule Rule
  48. RenewalValidityConstraints Plug-in Module
  49. Configuration Parameters of RenewalValidityConstraints
  50. DefaultRenewalValidityRule Rule
  51. RevocationConstraints Plug-in Module
  52. RevocationConstraintsRule Rule
  53. RSAKeyConstraints Plug-in Module
  54. RSAKeyRule Rule
  55. SigningAlgorithmConstraints Plug-in Module
  56. Configuration Parameters of SigningAlgorithmConstraints
  57. SigningAlgRule Rule
  58. Configuration Parameters of SubCANameConstraints
  59. SubCANameConstraints Rule
  60. UniqueSubjectNameConstraints Plug-in Module
  61. UniqueSubjectNameConstraints Rule
  62. Configuration Parameters of ValidityConstraints
  63. Overview of Extension-Specific Policy Modules
  64. AuthInfoAccessExt Plug-in Module
  65. Configuration Parameters of AuthInfoAccessExt
  66. AuthInfoAccessExt Rule
  67. AuthorityKeyIdentifierExt Plug-in Module
  68. Configuration Parameters of AuthorityKeyIdentifierExt
  69. AuthorityKeyIdentifierExt Rule
  70. Configuration Parameters of BasicConstraintsExt
  71. BasicConstraintsExt Rule
  72. CertificatePoliciesExt Plug-in Module
  73. Configuration Parameters of CertificatePoliciesExt
  74. CertificatePoliciesExt Rule
  75. CertificateRenewalWindowExt Plug-in Module
  76. Configuration Parameters of CertificateRenewalWindowExt
  77. CertificateScopeOfUseExt Plug-in Module
  78. Configuration Parameters of CertificateScopeOfUseExt
  79. CRLDistributionPointsExt Plug-in Module
  80. CRLDistributionPointsExt Rule
  81. ExtendedKeyUsageExt Plug-in Module
  82. Configuration Parameters of ExtendedKeyUsageExt
  83. CODESigningExt Rule
  84. OCSPSigningExt Rule
  85. GenericASN1Ext Plug-in Module
  86. Configuration Parameters of GenericASN1Ext
  87. GenericASN1Ext Rule
  88. Configuration Parameters of IssuerAltNameExt
  89. KeyUsageExt Plug-in Module
  90. Configuration Parameters of KeyUsageExt
  91. CMCertKeyUsageExt Rule
  92. RMCertKeyUsageExt Rule
  93. ServerCertKeyUsageExt Rule
  94. ClientCertKeyUsageExt Rule
  95. ObjSignCertKeyUsageExt Rule
  96. CRLSignCertKeyUsageExt
  97. Configuration Parameters of NameConstraintsExt
  98. NameConstraintsExt Rule
  99. NSCCommentExt Plug-in Module
  100. Configuration Parameters of NSCCommentExt
  101. NSCCommentExt Rule
  102. NSCertTypeExt Plug-in Module
  103. Configuration Parameters of NSCertTypeExt
  104. NSCertTypeExt Rule
  105. Configuration Parameters of OCSPNoCheckExt
  106. OCSPNoCheckExt Rule
  107. PolicyConstraintsExt Plug-in Module
  108. PolicyConstraintsExt Rule
  109. Configuration Parameters of PolicyMappingsExt
  110. PolicyMappingsExt Rule
  111. Configuration Parameters of PrivateKeyUsagePeriodExt
  112. RemoveBasicConstraintsExt Plug-in Module
  113. Configuration Parameters of RemoveBasicConstraintsExt
  114. SubjectAltNameExt Plug-in Module
  115. Configuration Parameters of SubjectAltNameExt
  116. SubjectAltNameExt Rule
  117. SubjectDirectoryAttributesExt Plug-in Module
  118. Configuration Parameters of SubjectDirectoryAttributesExt
  119. SubjectKeyIdentifierExt Plug-in Module
  120. Configuration Parameters of SubjectKeyIdentifierExt
  121. Overview of Mapper Modules
  122. LdapCaSimpleMap Plug-in Module
  123. Configuration Parameters of LdapCaSimpleMap
  124. LdapCaCertMap Mapper
  125. LdapCrlMap Mapper
  126. Configuration Parameters of LdapDNCompsMap
  127. LdapDNExactMap Plug-in Module
  128. Configuration Parameters of LdapDNExactMap
  129. Configuration Parameters of LdapSimpleMap
  130. LdapUserCertMap Mapper
  131. Configuration Parameters of LdapSubjAttrMap
  132. Overview of Publisher Modules
  133. FileBasedPublisher Plug-in Module
  134. LdapCaCertPublisher Plug-in Module
  135. Configuration Parameters of LdapCaCertPublisher
  136. LdapCaCertPublisher Publisher
  137. Configuration Parameters of LdapUserCertPublisher
  138. LdapUserCertPublisher Publisher
  139. Configuration Parameters of LdapCrlPublisher
  140. LdapCrlPublisher Publisher
  141. Overview of CRL Extension Modules
  142. AuthorityKeyIdentifier Rule
  143. CRLNumber Rule
  144. CRLReason Rule
  145. HoldInstruction Rule
  146. InvalidityDate Rule
  147. IssuerAlternativeName Rule
  148. Overview of Log Modules
  149. file Plug-in Module
  150. Configuration Parameters of file
  151. Audit Log Event Listener
  152. Error Log Event Listener
  153. System Log Event Listener
  154. Configuration Parameters of NTEventLog
  155. NTSystem Event Listener
  156. What Is a Distinguished Name
  157. Distinguished Name Components
  158. Root Distinguished Name
  159. DNs in Certificate Management System
  160. Extending Attribute Support
  161. Adding New or Proprietary Attributes
  162. Adding Attributes to an Enrollment Form
  163. Changing the DER Encoding Order
  164. Role of Distinguished Names in Certificates
  165. DNs in End-Entity Certificates
  166. Selecting DNs for Certificates
  167. Appendix B Object Identifiers
  168. Introduction to Certificate Extensions
  169. Structure of Certificate Extensions
  170. Sample Certificate Extensions
  171. Standard X.509 v3 Certificate Extensions
  172. authorityInfoAccess
  173. authorityKeyIdentifier
  174. basicConstraints
  175. certificatePolicies
  176. cRLDistributionPoints
  177. extKeyUsage
  178. issuerAltName
  179. keyUsage
  180. nameConstraints
  181. policyConstraints
  182. policyMappings
  183. privateKeyUsagePeriod
  184. subjectAltName
  185. subjectDirectoryAttributes
  186. subjectKeyIdentifier
  187. Introduction to CRL Extensions
  188. Sample CRL and CRL Entry Extensions
  189. Standard X.509 v3 CRL Extensions
  190. CRLNumber
  191. deltaCRLIndicator
  192. issuingDistributionPoint
  193. certificateIssuer
  194. invalidityDate
  195. Netscape-Defined Certificate Extensions
NETSCAPE MANAGEMENT SYSTEM 4.5 first page preview

NETSCAPE MANAGEMENT SYSTEM 4.5

Brand: Netscape | Category: Software
Table of contents
  1. Table Of Contents
  2. Table Of Contents
  3. Table Of Contents
  4. Table Of Contents
  5. Table Of Contents
  6. Table Of Contents
  7. Table Of Contents
  8. Table Of Contents
  9. Table Of Contents
  10. Table Of Contents
  11. Table Of Contents
  12. Table Of Contents
  13. Table Of Contents
  14. Table Of Contents
  15. Table Of Contents
  16. Table Of Contents
  17. Table Of Contents
  18. Table Of Contents
  19. Table Of Contents
  20. About This Guide
  21. What You Should Already Know
  22. Conventions Used in This Guide
  23. Where to Go for Related Information
  24. Part 1 Overview and Demo Installation
  25. Overview of Key Features
  26. Flexible end-entity registration services framework
  27. System Overview
  28. Public-Key Infrastructure
  29. CMS Subsystems or Managers
  30. Certificate Manager
  31. Registration Manager
  32. Data Recovery Manager
  33. Online Certificate Status Manager
  34. Basic System Configuration
  35. Plug-in Modules
  36. Policy Plug-in Modules
  37. Job Plug-In Modules
  38. Mapper and Publisher Plug-in Modules
  39. Event-Driven Notifications
  40. Command-Line Utilities
  41. Entry Points for Various Types of Users
  42. Agent Services Interface
  43. Registration Manager Agent Services
  44. Data Recovery Manager Agent Services
  45. Online Certificate Status Manager Agent Services Interface
  46. End-Entity Services Interface
  47. System Architecture
  48. JSS and the Java/JNI Layer
  49. Authentication and Policy Modules
  50. Security and Directory Protocols
  51. Some Enrollment Scenarios
  52. Extranet/E-Commerce: Acme Sales Corp
  53. Enrolling Existing Customers
  54. Enrolling New Customers
  55. Enrolling Extranet Users
  56. PIN Registration: Atlas Manufacturing
  57. VPN Client Enrollment and Revocation
  58. Router Enrollment and Revocation
  59. End Entities and Life-Cycle Management
  60. Access to Subsystems
  61. HTML Forms for End Users
  62. Netscape Personal Security Manager
  63. System Requirements
  64. Overview of the Default Demo
  65. Demo Passwords
  66. Installing the Default Demo
  67. Step 2. Run the Installation Wizard
  68. Step 3. Get the First User Certificate
  69. If You Need the First Agent Form Again
  70. Using the Default Demo
  71. Viewing Issued Certificates From the Agent Gateway
  72. Enrolling for a Certificate From the End-Entity Gateway
  73. Finding and Approving a Certificate Request
  74. Setting Your Browser to Use the Agent Certificate
  75. Create a Policy
  76. Use an LDAP Directory
  77. Step 1. Enable Directory-Based Authentication
  78. Step 2. Add a User to the Directory
  79. Step 3. Enroll with Directory-Based Authentication
  80. Publish Certificates to an LDAP Directory
  81. Configure the Publishing Destination
  82. Set Rules for Publishing Certificates
  83. Update the Publishing Directory
  84. Send Renewal Reminders
  85. Configuring a Mail Server for Certificate Management System
  86. Part 2 Planning and Installation
  87. Topology Decisions
  88. Single Certificate Manager
  89. Certificate Manager and Registration Manager
  90. Certificate Manager and Data Recovery Manager
  91. Certificate Manager, Data Recovery Manager, and Registration Manager
  92. Cloned Certificate Manager
  93. Certificate Authority Decisions
  94. CA Signing Key Type and Length
  95. CAs and Certificate Extensions
  96. CA Certificate Renewal or Reissuance
  97. Cryptographic Token Decisions
  98. Publishing to Certificates and CRLs to Files
  99. Publishing CRLs to the Online Certificate Status Manager
  100. Subsystem Certificate Decisions
  101. Registration Manager Certificates
  102. Data Recovery Manager Certificate and Storage Key
  103. Authentication Decisions
  104. Information for UNIX Installation Script
  105. User/Group Directory Server
  106. Administration Server Information
  107. Certificate Management System Identifier
  109. Configuration Directory Settings
  110. Administration Server Port
  111. Internal Database
  112. Remote Certificate Manager
  113. Network Configuration
  114. Key-Pair Information for CA Signing Certificate
  115. Validity Period for CA Signing Certificate
  116. CA Signing Certificate Request
  117. Registration Manager Configuration
  118. Subject Name for Registration Manager Signing Certificate
  119. Data Recovery Manager Configuration
  120. Subject Name for Transport Certificate
  121. Extensions for Transport Certificate
  122. Transport Certificate Request
  123. Online Certificate Status Manager Configuration
  124. Key-Pair Information for Online Certificate Status Manager Signing Certificate
  125. Online Certificate Status Manager Signing Certificate Issuer
  126. CA Signing Certificate
  127. SSL Server Key and Certificate
  128. Subject Name for SSL Server Certificate
  129. Extensions for SSL Server Certificate
  130. SSL Certificate Request
  131. Installation Overview
  132. Installation Stages
  133. Before You Begin the Installation
  134. Stage 1. Running the Installation Script
  135. Running the Installation Script on Windows NT
  136. Stage 2. Running the Installation Wizard
  137. Installing the Certificate Manager as a Root CA
  138. Installing the Certificate Manager as a Subordinate CA
  139. Installing a Standalone Registration Manager
  140. Installing a Standalone Data Recovery Manager
  141. Installing a Online Certificate Status Manager
  142. Stage 3. Enrolling for Administrator/Agent Certificate
  143. Agent Certificate for Other CMS Managers
  144. Stage 5. Creating Additional Instances or CA Clones
  145. Installing Multiple CMS Instances
  146. Cloning a Certificate Manager
  147. Step 1. Before You Begin
  148. Step 2. Create Instances for Clone CAs
  149. Installing Clone CA in a Different Server Group
  150. Installing Clone CA on a Separate Host
  151. Step 4. Copy Master CA's Certificate and Key Database
  152. Step 8. Establish Trust Between Master CA and Clone CAs
  153. Step A. Locate the Master CA's SSL Server Certificate
  154. Step B. Create a Privileged-User Entry for Clone CAs
  155. Step 9. Test Clone-Master Connection
  156. Step B. Approve the Request
  157. Step D. Revoke the Certificate
  158. Step 10. Use Master CA's Agent Certificate in Clone CAs
  159. Viewing Instance Information
  160. Changing the Name of an Instance
  161. Removing an Instance From a System
  162. Uninstalling From the Command Line
  163. Starting Certificate Management System
  164. Configuring the Server to Start Without the Single Sign-On Password
  165. Configuring the Server to Read the Single Sign-on Password From a File
  166. Starting From Netscape Console
  167. Starting From the Command Line
  168. Starting From the Windows NT Services Panel
  169. Stopping Certificate Management System
  170. Stopping From the Command Line
  171. Stopping From the Windows NT Services Panel
  172. Restarting From the Command Line
  173. Checking System Status
  174. Attending to an Unresponsive Server
  175. Password-Quality Checker
  176. Part 3 Configuration
  177. Netscape Console
  178. Users and Groups Tab
  179. Netscape Administration Server
  180. Starting Administration Server
  181. Shutting Down Administration Server
  182. The CMS Window
  183. Tasks Tab
  184. Logging In to the CMS Window
  185. Effects of Installation Type on Configuration
  186. Duplicating Configuration From One Instance to Another
  187. Locating the Configuration File
  188. Modifying the Configuration
  189. Guidelines for Editing the Configuration File
  190. Sample Configuration File
  191. Road Map to Configuring Subsystems
  192. Step 4. Set up Privileged Users
  193. Step 7: Enable Event-Driven Notifications
  194. Step 10. Set up Publishing
  195. Step 13. Plan for Backing up CMS Configuration and Data
  196. Chapter 11 Setting Up Ports
  197. Remote Administration Port
  198. Agent Port
  199. Step 1. Specify the Port Number
  200. Step 2: Specify IP Addresses
  202. Step 1. Identify the Directory Server Instance
  203. Step 2. Restrict Access to the Internal Database
  204. Privileged-User Types and Responsibilities
  205. Agents
  206. Agent's Certificate for SSL Client Authentication
  207. Revocation Status Checking of Agent Certificates
  208. Trusted Managers
  209. Subsystems That Can Function as Trusted Managers
  210. Connectors for Linking Trusted Managers
  211. Trusted Manager's Certificate for SSL Client Authentication
  212. Groups and Their Privileges
  213. Group for Administrators
  214. Groups for Agents
  215. Group for Data Recovery Manager Agents
  216. Group for Trusted Managers
  217. Setting Up Privileged Users
  218. Setting Up Agents
  219. Setting up Agents Using the Manual Process
  220. Setting Up Trusted Managers
  221. Setting Up a Registration Manager as a Trusted Manager
  222. Setting Up a Certificate Manager as a Trusted Manager
  223. Changing Privileged-User Information
  224. Changing a Privileged User's Certificate
  225. Changing Members in a Group
  226. Deleting a Privileged User
  227. Keys and Certificates for the Main Subsystems
  228. Certificate Manager's Key Pairs and Certificates
  229. wTLS CA Signing Certificate
  230. CRL Signing Key Pair and Certificate
  231. SSL Server Key Pair and Certificate
  232. Remote Administration Server Certificate
  233. Registration Manager's Key Pairs and Certificates
  234. Data Recovery Manager's Key Pairs and Certificates
  235. Transport Key Pair and Certificate
  237. Online Certificate Status Manager's Key Pairs and Certificates
  238. Tokens for Storing CMS Keys and Certificates
  239. Internal Token
  240. Managing Tokens Used by the Subsystems
  241. Changing a Token's Password
  242. Certificate Setup Wizard
  243. Using the Wizard to Request a Certificate
  244. Step 2. Choose the Certificate
  245. Step 3. Specify the Key-Pair Information
  246. Step 4. Specify the Subject Name for the Certificate
  247. Step 5. Specify the Validity Period
  248. Step 6. Specify Extensions
  249. Step 7. Copy the Certificate Signing Request
  250. Step 8. Check the Certificate Request Status
  251. Using the Wizard to Install a Certificate or Certificate Chain
  252. Data Formats for Installing Certificates and Certificate Chains
  253. Step 1. Select the Operation
  254. Step 2. Select the Certificate or Certificate Chain
  255. Step 3. Specify the Location of the Certificate
  256. Step 4. View the Certificate or Certificate Chain
  257. Step 6. Verify the Certificate Status
  258. Step 1. Get the Required SSL Server Certificates
  259. Getting an SSL Client Certificate for a Subsystem
  260. Setting Up Cipher Preferences for SSL Communications
  261. Configuring the Server to Use Specific Ciphers
  262. Getting New Certificates for the Subsystems
  263. Step 1. Plan for the New Certificate
  264. Step 2. Request the New Certificate
  265. Step 4. Deploy the New Certificate
  266. Deploying Registration Manager's Signing Certificate
  267. Deploying Data Recovery Manager's Transport Certificate
  268. Deploying a Subsystem's SSL Server Certificate
  269. Renewing Certificates for the Subsystems
  270. Step 1. Plan for Certificate Renewal
  271. Step 2. Renew the Existing Certificate
  272. Step 3. Install the Renewed Certificate
  273. Deploying Certificate Manager's Renewed CA Signing Certificate
  274. Deploying Data Recovery Manager's Renewed Transport Certificate
  275. Deploying a Subsystem's Renewed SSL Server Certificate
  276. Managing the Certificate Database
  277. Changing the Trust Settings of a CA Certificate
  278. Installing a New CA Certificate in the Certificate Database
  279. Installing a CA Certificate Chain in the Certificate Database
  280. Introduction to Authentication
  281. Privileged-User Authentication
  282. Authentication of Agents
  283. End-Entity Authentication
  284. Authentication of End Users During Certificate Revocation
  285. Configuring Authentication for End-User Enrollment
  287. Step 2. Set Up the Directory for PIN-Based Enrollment
  288. Step B. Update the Directory
  289. Step C. Prepare the Input File
  290. Step E. Check the Output File
  291. Step 4: Add an Authentication Instance
  292. Step 5. Set Up the Enrollment Interface
  293. Step B. Customize the Form
  294. Step D. Remove Unwanted Enrollment Options
  295. Step 6. Enable End-Entity Interaction
  296. Enabling End-Entity Interaction with a Registration Manager
  297. Step 7. Turn on Automated Notification
  298. Step 9. Deliver PINs to End Users
  299. Managing Authentication Plug-in Modules
  300. Deleting an Authentication Module
  301. Automated Notifications
  302. Notifications of Certificate Issuance to End Entities
  303. Notification of New Request in Queue
  304. Customizing Notification Messages
  305. Customizing Message Templates
  306. Tokens Available in Message Templates
  307. Tokens for Rejection Notifications to End Entities
  308. Tokens for Request In Queue Notification Messages
  310. Step 3. Turn on Request in Queue Notification
  311. Step 4. Verify Mail Server Settings
  312. Step 5. Test Your Configuration
  313. Configuring a Subsystem to Run Automated Jobs
  314. Step 2. Modify Existing Jobs
  315. Step 3. Delete Unwanted Jobs
  316. Step 5. Schedule the Frequency
  317. Step 7. Test Your Configuration
  318. Registering a Job Module
  319. Deleting a Job Module
  320. Introduction to Policy
  321. What Is Policy
  322. Policy Rules
  323. Using Predicates in Policy Rules
  324. Attributes for Predicates
  325. Policy Processor
  326. Configuring Policy Rules for a Subsystem
  327. Step 2. Modify Existing Policy Rules
  328. Step 3. Delete Unwanted Policy Rules
  329. Step 5. Reorder Policy Rules
  330. Step 6. Restart the Server
  332. Using JavaScript for Policies
  333. Deleting a Policy Module
  334. Publishing of Certificates to a Directory
  335. Timing of Directory Updates
  336. Directory Update Process
  337. Directory Synchronization
  338. What's a CRL
  339. Reasons for Revoking a Certificate
  340. Revocation Checking by Netscape Clients
  341. Publishing of CRLs to an LDAP Directory
  342. CRL Issuing Points
  344. Step 2. Set Up the Directory for Publishing
  345. Step C. Identify an Entry That Has Write Access
  346. Step E. Specify the Directory Authentication Method
  347. Step F. Modify the Certificate Mapping File
  348. Step G. Restart Directory Server
  349. Step B. Add Mappers, Publishers, and Publishing Rules
  350. Step 4. Configure the Certificate Manager to Publish CRLs
  351. Step A. Specify CRL Details
  352. Step B. Set the CRL Extensions
  353. Step C. Create a Mapper for the CRL
  354. Step D. Create a Publisher for the CRL
  355. Step E. Create a Publishing Rule for the CRL
  356. Step 5. Identify the Publishing Directory
  357. Step 6. Test Certificate and CRL Publishing
  358. Step A. Decide a Directory Entry for Requesting a Certificate
  359. Step D. Download the Certificate to the Browser
  360. Step G. Check the Directory for the CRL
  361. Manually Updating Certificates in the Directory
  362. Manually Updating the CRL in the Directory
  363. Configuring Certificate Manager to Publish to Files
  365. Step 2. Configure the Certificate Manager
  366. Step B. Create Publishing Rules for Certificates
  367. Step C. Create a Publishing Rule for CRLs
  368. Step D. Specify CRL Details
  369. Step E. Set the CRL Extensions
  370. Step F. Make Sure Publishing is Enabled
  372. Step D. Check the File for the Certificate
  373. Step E. Revoke the Certificate
  374. Step F. Check the File for the CRL
  375. Managing Mapper and Publisher Plug-in Modules
  376. Deleting a Mapper or Publisher Module
  377. What's an OCSP-Compliant PKI Setup
  378. How to Get an OCSP Responder
  379. How Online Certificate Status Manager Works
  380. How to Get OCSP-Compliant Clients
  381. Setting Up a Certificate Manager with OCSP Service
  382. Step 2. Install OCSP-Compliant Client
  383. Step 3. Enable Certificate Manager's HTTP Port
  384. Step 4. Enable Certificate Manager's OCSP Service
  385. Step 5. Configure Certificate Manager for Extensions
  386. Step 6. Restart the Certificate Manager
  387. Step 7. Test Your CA's OCSP Service Setup
  388. Step B. Request a Certificate
  389. Step E. Make Sure the CA is Trusted by the Browser
  390. Step F. Verify the Certificate in the Browser
  391. Step H. Revoke the Certificate
  392. Setting Up a Remote OCSP Responder
  394. Step 2. Install an OCSP-Compliant Client
  395. Step 3. Identify the CA to the OCSP Responder
  396. Step A. Specify CRL Format and Publishing Interval
  398. Step C. Create a Publisher for the CRL
  399. Step D. Create a Publishing Rule for the CRL
  400. Step E. Make Sure Publishing is Enabled
  401. Step 5. Configure Certificate Manager for Required Extension Policies
  402. Step 6. Configure the Online Certificate Status Manager
  403. Step 7. Restart the Certificate Manager
  404. Step 8. Restart the Online Certificate Status Manager
  405. Step 10. Test Your OCSP Responder Setup
  406. Step C. Approve the Request
  408. Step G. Check the Status of Online Certificate Status Manager
  409. Step I. Verify the Certificate in the Browser
  410. PKI Setup for Key Archival and Recovery
  411. Clients That Can Generate Dual Key Pairs
  412. Forms for Users and Key Recovery Agents
  413. Where the Keys are Stored
  414. How Key Archival Works
  415. Key Recovery Process
  416. Interface for the Key Recovery Process
  417. Local Versus Remote Key Recovery Authorization
  418. How Agent-Initiated Key Recovery Works
  419. Key Recovery Agent Scheme
  420. Changing Key Recovery Agents' Passwords
  421. Configuring Key Archival and Recovery Process
  422. Step A. Deploy Clients That Can Generate Dual Key Pairs
  423. Step C. Customize the Certificate Enrollment Form
  424. Step D. Configure Key Archival Policies
  425. Step 2. Set Up the Key Recovery Process
  426. Step B. Facilitate the Key Recovery Agents to Change the Passwords
  427. Step 3. Test Your Key Archival and Recovery Setup
  428. Step B. Verify the Key
  429. Step D. Restore the Key in the Browser's Database
  430. Introduction to Logs
  431. Logs Maintained by the Server
  432. Services That Are Logged
  433. Log Levels (Message Categories)
  434. Log File Locations
  435. Log File Naming Conventions
  436. Rotation of Log Files
  437. Location of Rotated Log Files
  438. Configuring CMS Logs
  439. Step 3. Delete Unwanted Listeners
  440. Step 4. Create New Listeners
  441. Monitoring CMS Logs
  442. Monitoring System Logs
  443. Monitoring Error Logs
  444. Monitoring Audit Logs
  445. Using System Tools for Monitoring the Server (Windows NT Only)
  446. Logging to Windows NT Event Log
  447. Archiving of Rotated Log Files
  448. Signing Log Files
  449. Managing Log Modules
  450. Deleting a Log Module
  451. Part 4 Issuing and Managing Certificates
  452. Certificate Issuance to Servers
  453. How the Manual Server Enrollment Process Works
  454. Getting Server SSL Certificates for Netscape Servers
  455. Step 1. Generate the Server Certificate Request
  456. Step 3. Install Your Server's SSL Certificate
  457. Step 5. Verify Your Server's SSL and CA Certificates
  458. Renewal of Server Certificates
  459. CEP Enrollment
  460. CEP Enrollment Using the Script
  461. Setting up CEP Enrollment Manually
  462. Step 1. Set up the Directory for Publishing Certificates and CRLs
  463. Step 2. Configure the Certificate Manager for Publishing Certificates and CRLs
  464. Step 3. Set Up Automated Enrollment
  465. Step 4. Set Up Multiple CEP Services
  466. Certificate Issuance to Routers or VPN Clients
  467. Step 2. Generate the Key Pair for the Router
  468. Step 3. Request the CA's Certificate
  469. Example
  470. Part 5 Appendix
Related products
NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-INNETSCAPE MANAGEMENT SYSTEM 4.5 - AGENT GUIDENETSCAPE MANAGEMENT SYSTEM 6.0NETSCAPE MANAGEMENT SYSTEM 4.5 - COMMAND-LINENETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-INNETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-INNETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDENETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDENETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDENETSCAPE MANAGEMENT SYSTEM 7.0 - AGENT GUIDE
Netscape categories
Server
Software
Gateway
More Netscape categories
Manuals database logo
manualsdatabase
Your AI-powered manual search engine