System Passwords
250
Netscape Certificate Management System Administrator’s Guide • June 2003
System Passwords
CMS has a password-quality checker for internal passwords that you can configure
to your needs. It stores token passwords in a plain text file, and stores all other
passwords in an encrypted password cache file.
Password-Quality Checker
CMS comes with a plug-in, called password-quality checker, to monitor the quality of
passwords set within the CMS system. All passwords used in CMS are checked by
the password-quality checker, which by default checks that the length of a
password is at least 8 characters long; there are no checks regarding which
characters are valid or invalid. If you use a password that doesn’t meet the quality
rules, you will get an error message.
Note that CMS enforces password quality on only those passwords that it creates
and manages. Passwords you enter for LDAP directory access are not subjected to
quality checks. The reason for this is, the password quality is handled by the
system that creates and manages the password. In an LDAP directory access, the
remote directory that you authenticate to enforces the quality of the password you
used because it is created and managed by the directory.
To enable you to customize the quality of passwords, the plug-in for the
password-quality checker is included as a sample in the CMS SDK.
Passwords Stored by the Server
CMS stores passwords in two separate files. These passwords are used to bind to
servers, or to unlock tokens when you start up the server.
Token Password Storage
The passwords for any tokens holding the private keys for the subsystem installed
in this instance of CMS are stored in the file
password.conf
located in the
<server_root>/cert-<instance_id>/config
directory. This file has read/write
permission for the installer only.
This file contains the token passwords needed to open the private keys of the
subsystem as follows:
Summary of Contents for Certificate Management System 6.2
Page 1: ...Administrator s Guide Netscape Certificate Management System Version6 2 June 2003...
Page 22: ...22 Netscape Certificate Management System Administrator s Guide June 2003...
Page 30: ...Documentation 30 Netscape Certificate Management System Administrator s Guide June 2003...
Page 84: ...Uninstalling CMS 84 Netscape Certificate Management System Administrator s Guide June 2003...
Page 380: ...ACL Reference 380 Netscape Certificate Management System Administrator s Guide June 2003...
Page 750: ...Object Identifiers 750 Netscape Certificate Management System Administrator s Guide June 2003...
Page 828: ...Managing Certificates 828 Netscape Certificate Manager System Administrator s Guide June 2003...
Page 844: ...The SSL Handshake 844 Netscape Certificate Manager System Administrator s Guide June 2003...
Page 862: ...862 Netscape Certificate Management System Administrator s Guide June 2003...