About Publishing
Chapter
15
Publishing
619
About Publishers
Publishers specify the location in which certificates and CRLs are published. In the
case of publishing to a file, publishers specify the publishing directory. In the case
of LDAP publishing, publishers specify the attribute in the directory that will store
the certificate or CRL; a mapper is used to determine the DN of the entry—the
location of the LDAP directory is specified when you enable LDAP publishing. In
the case of an OCSP responder, publishers specify the host name and URI of the
Online Certificate Status Manager’s secure EE service.
With file publishing, you set up a publisher for every location you will publish to.
With LDAP publishing, you set up a publisher for every DN that needs a different
formula for deriving that DN. When you create a rule that determines whether a
given certificate or CRL will be published, you associate a publisher with each rule
providing the location for the rule. With OCSP publishing, you set up a publisher
for every location that you will publish to.
About Mappers
Mappers are only used in LDAP publishing. Mappers allow you to construct the
DN for an entry based on information from the certificate or the certificate request.
The server needs to figure out the DN of the entry in which to publish certificates
and CRLs. It has information from the subject name of the certificate, and from the
certificate request for the certificate and needs to know how to use this information
to create a DN for that entry. The mapper provides a formula for converting the
information available to either a DN, or some unique information that can be
searched in the directory to obtain a DN for the entry.
About Rules
You set up Rules for file, LDAP, and OCSP publishing which tell the server
whether or not a certificate or CRL matches that rule, and if so, how it is to be
published. A rule first defines what is to be published: a certificate or CRL with
certain characteristics. A rule then specifies the publishing method and location.
You define which certificates or CRLs get published by defining a type and
predicate for the rule. You specify how and where to publish by associating the
rule with a publisher, and, in the case of LDAP publishing, with a mapper.
You can create a simple or complex set of publishing rules depending on your
needs, the flexibility is built in to allow you to do this.
Содержание Certificate Management System 6.1
Страница 1: ...Administrator s Guide Netscape Certificate Management System Version6 1 February 2003...
Страница 28: ...Documentation 28 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 68: ...Support for Open Standards 68 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 82: ...Uninstalling CMS 82 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 166: ...How a Registration Manager Works 166 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 382: ...ACL Reference 382 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 566: ...Managing Policy Plug in Modules 566 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 710: ...1 3 Organization Security Policies 710 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 716: ...Object Identifiers 716 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 762: ...DNs in Certificate Management System 762 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 794: ...Managing Certificates 794 Managing Servers with Netscape Console December 2001...
Страница 810: ...The SSL Handshake 810 Managing Servers with Netscape Console December 2001...
Страница 828: ...828 Netscape Certificate Management System Administrator s Guide February 2003...