Ports
286
Netscape Certificate Management System Administrator’s Guide • February 2003
Port Considerations
When choosing ports for CMS consider the following:
•
Be sure to choose ports that are unique on the host system.
•
To verify that a port is available for use, check the appropriate file for your
operating system; port numbers for network-accessible services are usually
maintained in a file named
services
.
•
On Unix, if you are not running as
root
or
superuser
when you install or start
the server, you will have to use a port number higher than 1024.
Administration Port
The administration port is an SSL (encrypted) port on which CMS listens to
requests from its administration interface, the CMS console. When you install CMS,
a random number (greater than 1024) is assigned to the administration port. You
can change this port number at any time, to any number between 1 and 65535.
Agent Port
The agent port is an SSL (encrypted) port on which CMS listens to requests from
agents; agents make these requests from the appropriate Agent Services interface.
•
The Certificate Manager and Registration Manager agents use the agent port to
process certificate issuance and management requests from end entities and to
perform certain other privileged operations over HTTPS.
•
Data Recovery Manager agents use the agent port for recovering end users’
encryption private keys over HTTPS.
Agent functions always require SSL client authentication.
When you install CMS, it assigns a random number (greater than 1024) as the agent
port number and prompts you to change it, if necessary; the port number can be
any number between 1 and 65535. The number you choose for the agent port
affects your agent users—all agents access CMS by specifying the name of the
server (the CMS instance) and the agent port number in the URL. For example, if
you choose port number 4430, the URL would look like this:
https://<hostname>:4430/<subsystem>
<hostname>
is in the form
<machine_name>.<your_domain>.<domain>
<subsystem>
is a prefix identifying the subsystem that hosts the agent interface:
ca
for the Certificate Manager,
ra
for the Registration Manager,
kra
for the Data
Recovery Manager, and
ocsp
for Online Certificate Status Manager.
Содержание Certificate Management System 6.1
Страница 1: ...Administrator s Guide Netscape Certificate Management System Version6 1 February 2003...
Страница 28: ...Documentation 28 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 68: ...Support for Open Standards 68 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 82: ...Uninstalling CMS 82 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 166: ...How a Registration Manager Works 166 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 382: ...ACL Reference 382 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 566: ...Managing Policy Plug in Modules 566 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 710: ...1 3 Organization Security Policies 710 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 716: ...Object Identifiers 716 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 762: ...DNs in Certificate Management System 762 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 794: ...Managing Certificates 794 Managing Servers with Netscape Console December 2001...
Страница 810: ...The SSL Handshake 810 Managing Servers with Netscape Console December 2001...
Страница 828: ...828 Netscape Certificate Management System Administrator s Guide February 2003...