Overview of Key Features
38
Netscape Certificate Management System Installation and Setup Guide • May 2002
For information on enrollment, renewal, and revocation operations, see Chapter 15,
“Setting Up End-User Authentication.” For information on automated
notifications,
s
ee Chapter 16, “Setting Up Automated Notifications.”
Built-in plug-in modules for authentication, policy, job scheduling, and
publishing
Certificate Management System simplifies the details involved in certificate
issuance and management with its built-in, configurable, and extensible
authentication, policy, job scheduling, and publishing components. Each of these
components come with a set of default modules that enable you to configure
Certificate Management System for your PKI requirements. For example, you can
configure policy modules to determine the outcome of operations, such as
certificate formulation (extensions, signing algorithm, key length, validity period,
and so on), issuance, renewal, and revocation.
For information about all plug-in modules (such as authentication, job, policy, and
publishing modules) that are provided for Certificate Management System, see
“Plug-in Modules” on page 55.
Single administration point achieved via LDAP-compliant directory
integration
Certificate Management System works seamlessly with any LDAP-compliant
directory services for easy distribution of certificates and CRLs, thus lowering the
cost of information management. The shared directory architecture enables you to
manage users, including their security credentials and other shared data, at a single
place. Certificate Management System can do the following:
•
Authenticate users based on the information that exists in the LDAP directory.
•
Integrate certificate-related information with the user and group information
that exists in the LDAP directory.
•
Automatically publish certificates (when they are issued) and CRLs (when
created or on a periodic basis) to the LDAP directory, from which they can be
easily distributed to clients and servers.
•
Automatically delete expired and revoked certificates from the directory.
•
Connect to the directory using password-based (basic) or certificate-based (in
the context of LDAP over SSL) authentication using a digital certificate.
Summary of Contents for NETSCAPE DIRECTORY SERVER 6.01
Page 1: ...Installation and Setup Guide Netscape Certificate Management System Version6 01 May 2002...
Page 22: ...22 Netscape Certificate Management System Installation and Setup Guide May 2002...
Page 32: ...32 Netscape Certificate Management System Installation and Setup Guide May 2002...
Page 160: ...160 Netscape Certificate Management System Installation and Setup Guide May 2002...
Page 776: ...776 Netscape Certificate Management System Installation and Setup Guide May 2002...
Page 807: ...807 Part 5 Appendix Appendix A Certificate Download Specification...
Page 808: ...808 Netscape Certificate Management System Installation and Setup Guide May 2002...
Page 830: ...830 Netscape Certificate Management System Installation and Setup Guide May 2002...