Setting Up Privileged Users
414
Netscape Certificate Management System Installation and Setup Guide • October 2001
Note that for a Certificate Manager to add the Registration Manager this way, the
Certificate Manager agent who approves the Registration Manager signing
certificate request must belong to both the Certificate Manager Agents and
Administrators groups in the internal database of the Certificate Manager. For
more information about these groups, see “Groups and Their Privileges” on
page 398.
Setting Up a Registration Manager as a Trusted Manager
You can set up a remote Registration Manager to function as a trusted manager to a
Certificate Manager, another Registration Manager, or a Data Recovery Manager.
•
Step 1. Find the Required Information
•
Step 2. Create a User Entry for the Registration Manager
•
Step 3. Copy the Registration Manager’s Certificate to the Internal Database
•
Step 4. Check the Certificate Database for the CA Certificate
•
Step 5. Configure Registration Manager’s Connector Settings
Step 1. Find the Required Information
Before setting up a Registration Manager to function as a trusted manager to
another CMS subsystem:
•
Note identifying information, such as the instance ID and host name of the
Registration Manager.
•
Make sure that the Registration Manager has the certificate you want it to use
for SSL client authentication to the subsystem that will trust it; by default, the
Registration Manager uses its signing certificate for this purpose. The certificate
must be currently valid; the certificate must not have expired, been revoked, or
been signed by an authority untrusted by the subsystem. For details, see
“Trusted Manager’s Certificate for SSL Client Authentication” on page 397.
•
Locate the certificate in base-64 encoded format. Copy the certificate, including
the
-----BEGIN CERTIFICATE-----
and
-----END CERTIFICATE-----
marker lines, to a text file.
•
Identify the subsystem—Certificate Manager, Registration Manager, or Data
Recovery Manager—to which you want to connect the Registration Manager.
Note details, such as the host name and port number of that subsystem.
•
If you are planning to connect the Registration Manager to a Certificate
Manager, keep this in mind: during the installation of a Registration Manager,
you generated a signing certificate for the Registration Manager. If you
requested the signing certificate from a Certificate Manager, you were given an
Summary of Contents for NETSCAPE MANAGEMENT SYSTEM 4.5
Page 1: ...Installation and Setup Guide Netscape Certificate Management System Version4 5 October 2001...
Page 22: ...22 Netscape Certificate Management System Installation and Setup Guide October 2001...
Page 32: ...32 Netscape Certificate Management System Installation and Setup Guide October 2001...
Page 162: ...162 Netscape Certificate Management System Installation and Setup Guide October 2001...
Page 796: ...796 Netscape Certificate Management System Installation and Setup Guide October 2001...
Page 827: ...827 Part 5 Appendix Appendix A Certificate Download Specification...
Page 828: ...828 Netscape Certificate Management System Installation and Setup Guide October 2001...
Page 850: ...850 Netscape Certificate Management System Installation and Setup Guide October 2001...