Red Hat Certificate System 7.3

Next

Red Hat Certificate System 7.3

System Agent Guide

Copyright © 2007 Red Hat, Inc.

Legal Notice

Revision History

Revision 7.3.0-1

Thu May 11 2007

Layout and presentation revision

Grammar, spelling and readability updates.

Revision 7.3.0-0

Sun May 06 2007

Added Revision History.

Minor grammar and style fixes.

Abstract

This guide is for agents of Certificate System subsystems. It explains the different agent services interfaces for the Certificate System subsystems and details the agent operations which can be performed. This information is used to manage and maintain certificates and keys for users in the PKI deployment.

Table of Contents

1. About This Guide

1.1. Who Should Read This Guide
1.2. Required Concepts
1.3. What is in This Guide
1.4. Document Conventions
1.5. Documentation

2. Agent Services

2.1. Overview of Certificate System

2.1.1. Certificate System Sub-systems
2.1.2. Certificate System Users

2.2. Agent Tasks

2.2.1. Certificate Manager Agent Services
2.2.2. Data Recovery Manager Agent Services
2.2.3. Online Certificate Status Manager Agent Services
2.2.4. Token Processing System Agent Services

2.3. Forms for Performing Agent Operations

2.4. Accessing Agent Services

3. CA: Working with Certificate Profiles

3.1. About Certificate Profiles

3.1.1. Categories of Certificate Profiles

3.2. Profile Operations Performed by CA Agents

3.3. List of Certificate Profiles

3.3.1. Example Profile

3.4. How Certificate Profiles Work

3.5. Enabling and Disabling Certificate Profiles

3.5.1. Getting Certificate Profile Information
3.5.2. End User Certificate Profile
3.5.3. Policy Information
3.5.4. Approving a Certificate Profile
3.5.5. Disapproving a Certificate Profile

4. CA: Handling Certificate Requests

4.1. Managing Requests

4.2. Listing Certificate Requests

4.2.1. Selecting a Request
4.2.2. Searching Requests

4.3. Approving Requests

4.4. Sending an Issued Certificate to the Requester

5. CA: Finding and Revoking Certificates

5.1. Basic Certificate Listing

5.2. Advanced Certificate Search

5.3. Examining Certificates

5.4. Revoking Certificates

5.4.1. Searching for Certificates to Revoke
5.4.2. Revoking One or More Certificates

5.5. Managing the Certificate Revocation List

5.5.1. Viewing or Examining CRLs
5.5.2. Updating the CRL

6. CA: Publishing to a Directory

6.1. Automatic Directory Updates
6.2. Manual Directory Updates

7. DRM: Recovering Encrypted Data

7.1. List Requests

7.2. Finding and Recovering Keys

7.2.1. Finding Archived Keys
7.2.2. Recovering Keys

8. OCSP: Agent Services

8.1. Listing CAs Identified by the OCSP
8.2. Identifying a CA to the OCSP
8.3. Adding a CRL to the OCSP
8.4. Checking the Revocation Status of a Certificate

9. TPS: Agent Services

9.1. Basic Operations for an Agent and Administrator

9.2. Adding Tokens

9.3. Managing Tokens

9.3.1. Changing Token Status
9.3.2. Editing the Token
9.3.3. Listing Token Certificates
9.3.4. Conflicting Token Certificate Status Information
9.3.5. Showing Token Activities

9.4. Listing and Searching Certificates

9.5. Searching Token Activities

9.6. Administrator Operations

9.6.1. Showing Token Activities
9.6.2. Editing the Token
9.6.3. Deleting the Token

NextChapter 1. About This Guide