Enrollment Forms
Chapter
1
Authentication Plug-in Modules
59
7.
Search for the
KEYGEN
tag.
8.
Insert the cursor at the end of the word
KEYGEN
, add a space after the word
KEYGEN
, and type the following:
keytype="DSA" PQG=
9.
Paste the value of the
DSSParms
entry following the equal to (
=
) sign and
enclose the value you pasted in double quotes (
" "
).
An example of a modified
KEYGEN
tag is shown below (the modifications are
shown in bold):
<KEYGEN
keytype="DSA"
PQG="MIIBHgKBgQCsQeVqw5ID/xhSe7s4vLaOuKskCFJN23OBgWCEquYIZbMZdHN7015p
6nN7XsDpTWBccLdrSdpMxmJd8rF2agb3tbk9hjZ6//MfLCTAwvegdgAzzRwB7akOgYD/SpPFb
7rYuvPfkiRjicsWqnue9uABvJtWGnW8WVYP6wIVAMPORrJxO9Qcswzr
LpnfAoGAM3ZBjxLTPbXOgWIXHZnIFSpGAW1JzK5ywEtnabJWfiIRrWi3hyWLj98PcIc2cxbp
Oh60rwqeElUMvHwIQwsPvTFyQUcBtOG40zlXoFwEqlaqDoXv3iA0Zp2XQy/JQFbx
23J+0HKz7iB7co04LCa0oTwmsd0=
" name="subjectKeyGenInfo">
10.
Repeat steps 7 through 9 to modify any additional
KEYGEN
tags.
11.
Save your changes.
12.
Next, configure the Certificate Manager to accept DSA key based certificate
enrollment requests.
A Certificate Manager by default only accepts RSA key-based requests. For the
server to accept DSA key based certificate requests, the value of the
algorithms
parameter in the
KeyAlgRule
policy rule must be set to
RSA,DSA
.
For instructions to change policy rules, see Chapter 18, “Setting Up Policies” of
CMS Installation and Setup Guide.
Generating Files Required By Third-Party Object
Signing Tools
When issuing an object-signing certificate to Microsoft IE, Certificate Management
System can generate a certificate (
.CER
) and a private key (
.PVK
) files for use by
Microsoft
signcode
tool or any third-party sign tools that rely on these files. For
the server to generate these files, you must edit the default form provided for
requesting an object-signing certificate for browsers.
Summary of Contents for Certificate Management System 6.01
Page 1: ...Plug Ins Guide Netscape Certificate Management System Version6 01 May 2002...
Page 10: ...10 Netscape Certificate Management System Plug Ins Guide May 2002...
Page 62: ...Enrollment Forms 62 Netscape Certificate Management System Plug Ins Guide May 2002...
Page 308: ...NTEventLog Plug in Module 308 Netscape Certificate Management System Plug Ins Guide May 2002...