Privileged-User Types and Responsibilities
376
Netscape Certificate Management System Installation and Setup Guide • March 2002
2.
When the user receives the certificate from the public CA, the user imports the
certificate into the web browser that he or she will use to access the subsystem.
It is a good idea to ask the user to inform you that the certificate has been
installed.
3.
Ask the user to send you the certificate information sent by the public CA. In
the information that you receive, locate the user’s certificate in base-64 encoded
form.
You can also get the user’s certificate from the public CA that issued it. Access
the public CA site, search for the user’s certificate, and locate the certificate in
base-64 encoded form.
4.
Copy the base-64 encoded certificate, including the
-----BEGIN
CERTIFICATE-----
and
-----END CERTIFICATE-----
marker lines, to a text
file.
The copied information should look similar to the following example:
-----BEGIN CERTIFICATE-----
MIICJzCCAZCgAwIBAgIBAzANBgkqhkiG9w0BAQQFADBCMSAwHgYDVQQKExdOZXRzY2FwZSBDb21tdW5pYF
0aW9uczngjhnMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyNzE5MDAwMFoXDTk5MDIyMzE5MDAw
MnbjdgngYoxIDAeBgNVBAoTF05ldHNjYXBlIENvbW11bmljYXRpb25zMQ8wDQYDVQQLEwZQZW9wbGUxFzA
VBgoJkiaJkIsZAEBEwdzdXByaXlhMRcwFQYDVQQDEw5TdXByaXlhIFNoZXR0eTEjMCEGCSqGSIb3DbndgJ
ARYUc3Vwcml5YUBuZXRzY2FwZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAoYiYgthgtbbnjfngjn
jgnagwJjAOBgNVHQ8BAf8EBAMCBLAwFAYJYIZIAYb4QgEj
-----END CERTIFICATE-----
5.
Save the text file and use it to store a copy of the certificate in a subsystem’s
internal database (see “Step 3. Store the Agent’s SSL Client Certificate in the
Internal Database” on page 395).
Getting an Agent’s Certificate from Certificate Management System
The following general instructions explain how a user can get a client certificate
from Certificate Management System and how you can copy that certificate (in
base-64 encoded form) to the internal database of a subsystem:
1.
The user sends a client certificate request to Certificate Management System
from the client machine that he or she will use to access the subsystem from the
Agent Services interface. It is important that the user generate and submit this
request from the machine he or she will use later to access the subsystem,
because part of this request process generates a private key on the local
machine. Alternatively, if location independence is required, the user can also
use a hardware token, such as a smart card, to generate and store the key pair
(and the certificate when the user receives it from the public CA).
Summary of Contents for NETSCAPE MANAGEMENT SYSTEM 6.0
Page 1: ...Installation and Setup Guide Netscape Certificate Management System Version6 0 March 2002...
Page 22: ...22 Netscape Certificate Management System Installation and Setup Guide March 2002...
Page 32: ...32 Netscape Certificate Management System Installation and Setup Guide March 2002...
Page 160: ...160 Netscape Certificate Management System Installation and Setup Guide March 2002...
Page 776: ...776 Netscape Certificate Management System Installation and Setup Guide March 2002...
Page 807: ...807 Part 5 Appendix Appendix A Certificate Download Specification...
Page 808: ...808 Netscape Certificate Management System Installation and Setup Guide March 2002...
Page 830: ...830 Netscape Certificate Management System Installation and Setup Guide March 2002...