Table of Contents
About This Guide ............................................................................................................................... vi
1. Who Should Read This Guide ................................................................................................... vi
2. Required Concepts .................................................................................................................. vi
3. What Is in This Guide .............................................................................................................. vi
4. Conventions Used in This Guide ................................................................................................ vi
5. Documentation ...................................................................................................................... vii
1. Agent Services ................................................................................................................................ 1
1. Overview of Certificate System .................................................................................................. 1
2. Agent Tasks ............................................................................................................................ 3
2.1. Certificate Manager Agent Services .................................................................................. 3
2.2. Data Recovery Manager Agent Services ............................................................................ 5
2.3. Online Certificate Status Manager Agent Services ............................................................... 5
2.4. TPS Agent Services ....................................................................................................... 6
3. Forms for Performing Agent Operations ....................................................................................... 8
4. Accessing Agent Services .........................................................................................................10
2. CA: Working with Certificate Profiles ................................................................................................12
1. About Certificate Profiles .........................................................................................................12
1.1. Profile Definition .........................................................................................................12
1.2. Categories of Certificate Profiles .....................................................................................12
2. Basic Profile Operations for an Agent .........................................................................................12
3. List of Certificate Profiles ........................................................................................................13
3.1. Example Profile ...........................................................................................................14
4. How Certificate Profiles Work ..................................................................................................16
5. Enabling and Disabling Certificate Profiles ..................................................................................17
5.1. Getting Certificate Profile Information .............................................................................17
5.2. End User Certificate Profile ............................................................................................17
5.3. Policy Information ........................................................................................................17
5.4. Approving a Certificate Profile .......................................................................................17
5.5. Disapproving a Certificate Profile ....................................................................................17
3. CA: Handling Certificate Requests .....................................................................................................19
1. Managing Requests .................................................................................................................19
2. Listing Certificate Requests ......................................................................................................20
2.1. Selecting a Request .......................................................................................................22
2.2. Searching Requests .......................................................................................................23
3. Approving Requests ................................................................................................................24
4. Sending an Issued Certificate to the Requester ..............................................................................25
4. CA: Finding and Revoking Certificates ...............................................................................................28
1. Basic Certificate Listing ...........................................................................................................28
2. Advanced Certificate Search .....................................................................................................29
3. Examining Certificates .............................................................................................................33
4. Revoking Certificates ..............................................................................................................34
4.1. Searching for Certificates to Revoke ................................................................................34
4.2. Revoking One or More Certificates ..................................................................................35
4.2.1. Revoking One Certificate ....................................................................................35
4.2.2. Revoking Multiple Certificates .............................................................................36
4.2.3. Confirming a Revocation ....................................................................................36
5. Managing the Certificate Revocation List ....................................................................................38
5.1. Viewing or Examining CRLs ..........................................................................................38
5.2. Updating the CRL ........................................................................................................38
5. CA: Publishing to a Directory ...........................................................................................................40
1. Automatic Directory Updates ....................................................................................................40
2. Manual Directory Updates ........................................................................................................40
6. DRM: Recovering Encrypted Data .....................................................................................................42
1. List Requests .........................................................................................................................42
2. Finding and Recovering Keys ...................................................................................................43
2.1. Finding Archived Keys ..................................................................................................43
2.2. Recovering Keys ..........................................................................................................46
7. OCSP: Agent Services .....................................................................................................................49
1. Listing CAs Identified by the OCSP ...........................................................................................49
2. Identifying a CA to the OCSP ...................................................................................................49
3. Adding a CRL to the OCSP ......................................................................................................51
4. Checking the Revocation Status of a Certificate ............................................................................52
iv