Install Novell Certificate Server |
For the first installation to an eDirectory® tree: - Supervisor at the [Root] ofthe tree
For subsequent installations: - Supervisor to the W0 object
- Rights needed to create a Server Certificate object
If a user doesn't have the rights to create a Server Certificateobject, the installation finishes, but the Server Certificate objectswil need to be created manually by someone with the appropriaterights and applications that use these certificates will need tobe manually configured.
|
Creating an Organizational CA |
- Supervisor onthe Security container
|
Viewing the Organizational CA's propertiesand certificates |
- Browse on theOrganizational CA's object
|
Exporting the Organizational CA's certificate(s) |
- Browse on theOrganizational CA's object
|
Issuing a public key certificate |
|
Backing up and restoring an OrganizationalCA |
- Supervisor onthe Organizational CA's object
|
Moving the Organizational CA to a differentserver |
- Supervisor onthe Organizational CA's object
|
Validating the Organizational CA's Certificates |
- Browse on theOrganizational CA's object
|
Replacing the Organizational CA |
- Supervisor onthe Organizational CA's object
|
Deleting the Organizational CA |
- Delete on theOrganizational CA's object
|
Creating Server Certificate objects |
- Supervisor onthe server's container
|
Importing a public key certificate intoa Server Certificate object |
- Write to theattribute NDSPKI:Public Key Certificate onthe Server Certificate object
- Write to the attribute NDSPKI:Certificate Chain onthe Server Certificate Object
|
Deleting a Server Certificate object |
- Delete on theServer Certificate object
|
Exporting a Trusted Root or Public KeyCertificate from a Server Certificate object |
- Browse on theServer Certificate object
|
Viewing the Server Certificate object'sproperties and certificates |
- Browse on theServer Certificate object
|
Backing up and restoring a Server Certificate object |
- Supervisor onthe server object that owns the Server Certificate object to back-up
- Create on the server object's container to restore.
|
Validating Server Certificates |
- Browse on theServer Certificate object
|
Revoking Server Certificates |
- Read to the CAPrivate Key or Delete on the Server Certificate object or Supervisoron the Host Server (i.e. NCP Server object)
|
Replacing a server certificate's keyingmaterial |
- Write to theattribute NDSPKI:PrivateKey on the server certificateobject
|
Creating user certificates |
|
Importing a public key certificate intoa User object |
- Read and Writeon the attribute NDSPKI:userCertificateInfo onthe User object
- Read and Write to the attribute NDSPKI:userCertificate onthe User object
|
Viewing a user certificate's properties |
|
Exporting a user certificate |
|
Exporting a user's private key and certificate |
- You must be loggedin as the user.
|
Deleting a user certificate and privatekey |
- Read and Writeto NDSPKI:userCertificateInfo
- Read and Write to userCertificate
|
Validating User Certificates |
|
Revoking User Certificates |
- Read to the CAPrivate Key or Delete on the User Object or be logged-in as theUser and Write to the userCertificate attribute
|
Creating a Trusted Root Container |
- Create on theSecurity container
|
Creating a Trusted Root object |
- Create on theTrusted Root Container in which the Trusted Root object will reside
|
Viewing a Trusted Root object's properties |
- Browse on theTrusted Root object
|
Replacing a trusted root certificate |
- Read and Writeto NDSPKI:Not After on the Trusted Root object
- Read and Write to NDSPKI:NotBefore on the Trusted Root object
- Read and Write to NDSPKI:Subject Name on theTrusted Root object
- Read and Write to NDSPKI:Trusted Root Certificate onthe Trusted Root object
|
Validating a trusted root certificate |
- Browse on theTrusted Root object
|
Revoking a trusted root certificate |
- Read to the CAPrivate Key or Delete on the Trusted Root Object
|
Deleting a Trusted Root object |
- Delete on theTrusted Root object
|
Creating a CRL Container |
- Supervisor onthe Security container
- Write to the attribute ndspkiCRLContainerDN onthe Organizational CA’s object
|
Deleting a CRL Container |
- Delete on theCRL container
|
Creating a CRL Configuration object |
- Supervisor onthe CRL container
|
Activating a CRL Configuration object |
- Write to theattribute ndspkiCRLConfigurationDNList on the OrganizationalCA’s object
|
Viewing and/or Modifying a CRLConfiguration object's Properties |
Modifying - Supervisor on the CRL Configurationobject or
or - Write to the attribute being modified on the CRLConfiguration object
Viewing - Browse on the CRL Configuration object
|
Deleting a CRL Configuration object |
- Delete on theCRL Configuration object
|
Creating a CRL object |
- Supervisor ofthe CRL Configuration object
|
Exporting a CRL file |
- Read from theattribute certificateRevocationList
|
Replacing a CRL file |
|
Viewing a CRL object's properties |
- Browse to theattribute certificateRevocationList
|
Deleting a CRL object |
- Delete on theCRL Distribution Point
|
Creating a Security container |
- Create at theroot of the eDirectory tree
|
Creating a SAS service object |
- Supervisor onthe object's container
- Write to the attribue SAS:Service DN onthe server that the object is being created
|