Certificate Manager Agent Services
5
Figure 1.2. Certificate Manager Agent Services Page
A Certificate Manager agent performs the following tasks:
• Handles certificate requests.
An agent can list the certificate service requests received by the Certificate Manager subsystem,
assign requests, reject or cancel requests, and approve requests for certificate enrollment. See
Chapter 3, CA: Handling Certificate Requests
.
• Finds certificates.
Certificates can be searched for individually or searched and listed by different criteria. The
details for all returned certificates are then displayed. See
Chapter 4, CA: Finding and Revoking
Certificates
.
• Revokes certificates.
If a user's key is compromised, the certificate must be revoked to ensure that the key is not
misused. Certificates belonging to users who have left the organization may also need revoked.
Certificate Manager agents can find and revoke a specific certificate or a set of certificates. Users
can also request that their own certificates be revoked. See
Section 4.4, “Revoking Certificates”
.
• Updates the CRL.
The Certificate Manager maintains a public list of revoked certificates, called the Certificate
Revocation List (CRL). The list is usually maintained automatically, but, when necessary, the
Certificate Manager agent services page can be used to update the list manually. See
Section 4.5.2,
“Updating the CRL”
.
• Publishes certificates to a directory.