Appendix A. Enterprise Security Client Configuration
Previously, Enterprise Security Client relied on an application-specific configuration file. Enterprise Security Client is now based on Mozilla XULRunner technology, which allows the preferences facility built into Mozilla to be used for simple configuration of the Enterprise Security Client. A simple UI, discussed in Chapter 3, Using the Enterprise Security Client, manages most important configuration settings.
The Enterprise Security Client can be launched without requiring extra configuration.
The Enterprise Security Client uses the Mozilla configuration preferences for each of the supported platforms. A default configuration file is located in the following directories on each platform:
| Platform | Location | ||
|---|---|---|---|
| Windows | C:\Program Files\Red Hat\ESC\defaults\preferences\esc-prefs.js | ||
| Red Hat Enterprise Linux |
| ||
| Macintosh | ~/Desktop/ESC.app/defaults/preferences/esc-prefs.js |
These files specify the default configuration to use when the Enterprise Security Client is first launched.
When the Enterprise Security Client is launched, it creates a separate, unique profile directory for each user on the system. These profiles are stored in different locations on each platform, as described below:
| Platform | Location |
|---|---|
| Windows |
C:\Documents and Settings\$USER\Application Data\RedHat\ESC\Profiles
|
| Red Hat Enterprise Linux |
~/.redhat/esc
|
| Macintosh |
~/Library/Application Support/ESC/Profiles
|
When the Enterprise Security Client requires any changes to a user's configuration values, the updated values are written to the user's profile area, not to the default Javascript file.
The esc-prefs.js file extract shown below lists the Enterprise Security Client-supported configuration values.
#################################################################
#The entry below is the XUL chrome page where Enterprise Security
#Client proceeds on startup.
#
pref("toolkit.defaultChromeURI",
"chrome://esc/content/settings.xul");
#The entry below is the URL Enterprise Security Client consults
#for back end TPS functionality.
pref("esc.tps.url","https://test.host.com:7888/nk_service");
#The following three entries are for internal use
pref("signed.applets.codebase_principal_support",true);
pref("capability.principal.codebase.p0.granted",
"UniversalXPConnect");
pref("capability.principal.codebase.p0.id", "file://");
#The entry below sets how many seconds Enterprise Security Client
#should wait while TPS is processing a message
pref("esc.tps.message.timeout","90");
#The entry can be set allow Enterprise Security Client to write
#newly created certificates
#to the local CAPI store after an enrollment operation.
#Also, when a format is done, those same certs will be removed
#from the local CAPI store.
pref("esc.windows.do.capi","yes");
##################################################################