Ports
284
Netscape Certificate Management System Administrator’s Guide • June 2003
Port Considerations
When choosing ports for CMS consider the following:
•
Be sure to choose ports that are unique on the host system.
•
To verify that a port is available for use, check the appropriate file for your
operating system; port numbers for network-accessible services are usually
maintained in a file named
services
.
•
On Unix, if you are not running as
root
or
superuser
when you install or start
the server, you will have to use a port number higher than 1024.
Administration Port
The administration port is an SSL (encrypted) port on which CMS listens to
requests from its administration interface, the CMS console. When you install CMS,
a random number (greater than 1024) is assigned to the administration port. You
can change this port number at any time, to any number between 1 and 65535.
Agent Port
The agent port is an SSL (encrypted) port on which CMS listens to requests from
agents; agents make these requests from the appropriate Agent Services interface.
•
The Certificate Manager and Registration Manager agents use the agent port to
process certificate issuance and management requests from end entities and to
perform certain other privileged operations over HTTPS.
•
Data Recovery Manager agents use the agent port for recovering end users’
encryption private keys over HTTPS.
Agent functions always require SSL client authentication.
When you install CMS, it assigns a random number (greater than 1024) as the agent
port number and prompts you to change it, if necessary; the port number can be
any number between 1 and 65535. The number you choose for the agent port
affects your agent users—all agents access CMS by specifying the name of the
server (the CMS instance) and the agent port number in the URL. For example, if
you choose port number 4430, the URL would look like this:
https://<hostname>:4430/<subsystem>
<hostname>
is in the form
<machine_name>.<your_domain>.<domain>
<subsystem>
is a prefix identifying the subsystem that hosts the agent interface:
ca
for the Certificate Manager,
ra
for the Registration Manager,
kra
for the Data
Recovery Manager, and
ocsp
for Online Certificate Status Manager.
Summary of Contents for Certificate Management System 6.2
Page 1: ...Administrator s Guide Netscape Certificate Management System Version6 2 June 2003...
Page 22: ...22 Netscape Certificate Management System Administrator s Guide June 2003...
Page 30: ...Documentation 30 Netscape Certificate Management System Administrator s Guide June 2003...
Page 84: ...Uninstalling CMS 84 Netscape Certificate Management System Administrator s Guide June 2003...
Page 380: ...ACL Reference 380 Netscape Certificate Management System Administrator s Guide June 2003...
Page 750: ...Object Identifiers 750 Netscape Certificate Management System Administrator s Guide June 2003...
Page 828: ...Managing Certificates 828 Netscape Certificate Manager System Administrator s Guide June 2003...
Page 844: ...The SSL Handshake 844 Netscape Certificate Manager System Administrator s Guide June 2003...
Page 862: ...862 Netscape Certificate Management System Administrator s Guide June 2003...