|Previous Contents Index Next|
|iPlanet Certificate Management System Agent's Guide|
About This Guide
This guide describes the Agent Services interface that a SunTM ONE Certificate Server agent uses to administer a subsystem's certificates and keys.
The late renaming of this product has resulted in a situation where the new product name is not fully integrated into the shipping product. In particular, you will see the product referenced as iPlanet Certificate Management Server (CMS) within the product GUI and within the product documentation. For this release, please consider iPlanet Certificate Management Server and SunTM ONE Certificate Server as interchangeable names for the same product.
This preface has the following sections:
What You Should Already Know
What You Should Already Know
This guide is intended for Certificate Management System agentsthat is, privileged users designated by the Certificate Management System administrator to manage requests from end entities for certificate-related services. Each installed CMS manager (Certificate Manager, Registration Manager, and Data Recovery Manager) can have one or more agents.
Server administrators should refer to the CMS Agent's Guide for information on how to designate agents and assign agent privileges to users and groups.
Before reading this guide, you should be familiar with the basic concepts of public-key cryptography and the Secure Sockets Layer (SSL) protocol. These include the following topics:
Encryption and decryption For overviews of these topics, see Appendix D and Appendix E of Managing Servers with iPlanet Console.
What's in This Guide
This guide describes the duties of the agents for the various CMS subsystems and explains how to accomplish each task.
Chapter 1 "Agent Services" provides an overview of the product and identifies the different kinds of users, including agents. The chapter also summarizes the tasks of each subsystem agent and lists the HTML forms you use to perform agent tasks. Finally, the chapter explains how to access the Agent Services pages and forms.
As a Certificate Manager or Registration Manager agent, you are responsible for handling requests for certificates that are made by end entities (end users, server administrators, or other CMS subsystems) using manual enrollment. Chapter 2 "Handling Certificate Requests" describes the general procedure for handling requests and explains how to handle different aspects of certificate request management.
Chapter 3 "Finding and Revoking Certificates" explains how, as a Certificate Manager agent, you can use the Agent Services page to find and examine a specific certificate issued by Certificate Management System, or retrieve a list of certificates that match specified criteria. This chapter also explains how to revoke certificates, and manage the certificate revocation list.
Chapter 4 "Publishing to a Directory" describes how a Certificate Manager agent can update the LDAP directory with the current status of certificates.
Chapter 5 "Recovering Encrypted Data" describes how to process key recovery requests, and how to recover stored encrypted data when the encryption key has been lost. This service is only available when the Data Recovery Manager subsystem is installed.
Chapter 6 "Managing OCSP Service Related Tasks" describes how to handle tasks related to the CMS OCSP responder, Online Certificate Status Manager. This service is only available when the Online Certificate Status Manager subsystem is installed.
Conventions Used in This Guide
This guide uses the following conventions:
In addition, the following conventions are used for important notes.
Note You can access the Agent Services only if you have a valid agent certificate.
A caution note documents a potential risk of losing data, damaging software or hardware, or otherwise disrupting system performance.
Where to Go for Related Information
This section summarizes the documentation that ships with Certificate Management System, using these conventions:
<server_root> is the directory where the CMS binaries are kept (specified during installation). The documentation set for Certificate Management System includes the following:
Managing Servers with iPlanet Console
Provides background information on basic cryptography concepts and the role of iPlanet Console.
To view the HTML version of this guide, open this file: <server_root>/manual/en/admin/help/contents.htm
CMS Installation and Setup Guide
Provides detailed information on deployment options for Certificate Management System, a walk-through of a test or demo installation, complete installation instructions, and information on administrative tasks. To access the installation and configuration information from within the CMS Installation Wizard, click any help button.
To view the HTML version of this guide, open this file: <server_root>/manual/en/cert/setup_guide/contents.htm
CMS Plug-Ins Guide
Provides detailed reference information on CMS plug-ins for authentication, policy, publishing, and so on. To access this information from the CMS window within iPlanet Console, click any help button.
To view the HTML version of this guide, open this file: <server_root>/manual/en/cert/plugin_guide/contents.htm
CMS Command-Line Tools Guide
Provides detailed reference information on CMS tools.
To view the HTML version of this guide, open this file: <server_root>/manual/en/cert/tools_guide/contents.htm
CMS Customization Guide
Provides detailed reference information on customizing the HTML-based agent and end-entity interfaces.
To view the HTML version of this guide, open this file: <server_root>/manual/en/cert/custom_guide/contents.htm
CMS Agent's Guide (this guide)
Provides detailed reference information on CMS agent interfaces. To access this information from the Agent Services pages, click any help button.
To view the HTML version of this guide, open this file: <server_root>/<instance_id>/web/agent/manual/agent_guide/
End-entity help provides detailed reference information on CMS End-Entity Services interface. Users can access this guide by clicking any help button in the end user pages.
For a complete list of all documentation that ships with Certificate Management System, open this file: <server_root>/manual/index.html
You will not be able to access the files and directories specified here if you don't have access to the machine on which Certificate Management System is installed.
For the latest information about Certificate Management System, including current release notes, complete product documentation, technical notes, and deployment information, check this site: http://docs.iplanet.com/docs/manuals/cms.html
Previous Contents Index Next
Copyright © 2002 Sun Microsystems, Inc. All rights reserved.
Last Updated October 07, 2002