Setting up CEP Enrollment Manually
Chapter
25
Setting Up CEP Enrollment
817
eeGateway.cep.cep1.authName=flatfile
auths.instance.flatfile.fileName=<full_pathname_of_password_file>
auths.instance.flatfile.authAttributes=pwd
auths.instance.flatfile.keyAttributes=UNSTRUCTUREDNAME
auths.instance.flatfile.pluginName=flatfilePlugin
auths.instance.flatfile.deferOnFailure=false
auths.impl.flatfilePlugin.class=com.netscape.certsrv.authentication
.FlatFileAuth
A description for each of the above listed parameters are provided in Table 25-2.
During CEP enrollment, all the attributes in the subject name and the challenge
password are passed to the
FlatFileAuth
plug-in. The plug-in looks in a prepared
file (referred to as the authentication-token file in this document), which consists of
a series of entries for each valid enrollee, to determine if the request should be
authenticated. For the Certificate Manager to be able to locate the appropriate entry
Table 25-2
Configuration parameters defined in the FlatFileAuth plug-in
Configuration parameter
Description
authName
Provides a reference to the auths.instance authentication plug-in described in the
auths.instance.*
configuration parameters. If you want to turn off
automated enrollment for CEP-based requests, delete this parameter from the
configuration file.
fileName
Specifies the filename of an authentication-token file. You prepare this file as a
part of setting up an automated CEP enrollment as explained in Step 4-B. Be sure
to use the full path name.
keyAttributes
Specifies a comma-separated list of attributes in the request which together,
uniquely identify an entry in the authentication-token file. Note that these
attributes must be present in the request and in the password file for the
authentication to succeed.
authAttributes
Specifies a comma-separated list of attributes from the CEP request which must
match the attributes specified in the authentication-token file for authentication
to succeed. Currently the most useful thing to put in this parameter is
pwd
, the
challenge password from the request.
deferOnFailure
Specifies whether the server should defer CEP requests that fail authentication.
•
true
specifies that the server should defer CEP-enrollment requests that fail
authentication; the deferred requests get queued for agent approval.
•
false
specifies that the server should reject CEP-enrollment requests that
fail authentication.
Summary of Contents for NETSCAPE MANAGEMENT SYSTEM 4.5
Page 1: ...Installation and Setup Guide Netscape Certificate Management System Version4 5 October 2001...
Page 22: ...22 Netscape Certificate Management System Installation and Setup Guide October 2001...
Page 32: ...32 Netscape Certificate Management System Installation and Setup Guide October 2001...
Page 162: ...162 Netscape Certificate Management System Installation and Setup Guide October 2001...
Page 796: ...796 Netscape Certificate Management System Installation and Setup Guide October 2001...
Page 827: ...827 Part 5 Appendix Appendix A Certificate Download Specification...
Page 828: ...828 Netscape Certificate Management System Installation and Setup Guide October 2001...
Page 850: ...850 Netscape Certificate Management System Installation and Setup Guide October 2001...