Difference between revisions of "Certificate Authority"

From MicroFocusInternationalWiki
Jump to: navigation, search
m (Added utility mentions)
m (Health check suggestions)
Line 3: Line 3:
  
 
Ander's says, "Make sure that you create the new one in a format that you can backup."
 
Ander's says, "Make sure that you create the new one in a format that you can backup."
 +
 +
Richard suggests the following for health checks:
 +
 +
"To examine the CA
 +
and W0 objects in the Security container and make sure they're correct,
 +
check the following things (from memory, incomplete list):
 +
 +
* Security's NDSPKI:Tree CA DN=correct
 +
* W0's NDSPKI:SD Key ServerDN=correct
 +
* CA's Host Server=correct
 +
* Validate Org Certificate Authority's certs"
  
 
=== Related Utilities ===
 
=== Related Utilities ===

Revision as of 00:02, 1 May 2007

Draft CA Wiki

Starting point for Certificate Authority wiki -- for those who need to move their CA

Ander's says, "Make sure that you create the new one in a format that you can backup."

Richard suggests the following for health checks:

"To examine the CA and W0 objects in the Security container and make sure they're correct, check the following things (from memory, incomplete list):

  • Security's NDSPKI:Tree CA DN=correct
  • W0's NDSPKI:SD Key ServerDN=correct
  • CA's Host Server=correct
  • Validate Org Certificate Authority's certs"

Related Utilities

  • pkidiag
  • sdidiag
  • tckeygen
  • ConsoleOne

Links

A couple of TIDs to remember:

TID 3618399: "How do I move the Organizational CA to another server?"

http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=3618399&sliceId=SAL_Public&dialogID=33907651&stateId=0%200%2033915534

TID 3623407: "Certificate Server Issues-Removing a Server from a Tree"

http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=3623407&sliceId=SAL_Public&dialogID=33987106&stateId=0%200%2033989071


The ConsoleOne documentation --

http://www.novell.com/documentation/crt27/crtadmin/data/fbgcdhec.html#fbgcdhec

For NW5.1 and NW6.0 --

TID 10050254: 'Reinstalling Certificate Server"

http://support.novell.com/cgi-bin/search/searchtid.cgi?/10050254.htm

Room for Corrections

Looking forward to the sysops' notes on this page.