Questo contenuto non è disponibile nella lingua selezionata.

Chapter 2. User Interfaces


There are different interfaces for managing certificates and subsystems, depending on the user's role: administrators, agents, auditors, and end users.

2.1. User Interfaces Overview

Administrators can use the following interfaces to securely interact with a completed Certificate System installation:
  • The PKI command-line interface and other command-line utilities
  • The PKI Console graphical interface
  • The Certificate System web interface.
These interfaces require configuration prior to use for secure communication with the Certificate System server over TLS. Using these clients without proper configuration is not allowed. Some of these tools use TLS client authentication. When required, their required initialization procedure includes configuring this. Which interface is used depends on the administrator's preferences and functionality available. Common actions using these interfaces are described in the remainder of the guide after this chapter.
By default, the PKI command-line interface uses the NSS database in the user's ~/.dogtag/nssdb/ directory. Section 2.5.1.1, “pki CLI Initialization” provides detailed steps for initializing the NSS database with the administrator's certificate and key. Some examples of using the PKI command-line utility are described in Section 2.5.1.2, “Using "pki" CLI”. Additional examples are shown through the rest of the guide.
Interfacing with Certificate System (as an administrator in other user roles) can be done using various command-line utilities to submit CMC requests, manage generated certificates, and so on. These are described briefly in Section 2.5, “Command Line Interfaces”, such as Section 2.5.2, “AtoB”. These utilities are utilized in later sections such as Section 5.2.1.2, “Creating a CSR Using PKCS10Client.
The Certificate System web interface allows administrative access through the Firefox web browser. Section 2.4.1, “Browser Initialization” describes instructions about configuring the client authentication. Other sections in Section 2.4, “Web Interface” describe using the web interface of Certificate System.
The Certificate System's PKI Console is a graphical interface. Please note that it is being deprecated. Section 2.3.1, “pkiconsole Initialization” describes how to initialize this console interface. Section 2.3.2, “Using pkiconsole for CA, OCSP, KRA, and TKS Subsystems” gives an overview of using it. Later sections, such as Section 3.2.2, “Managing Certificate Enrollment Profiles Using the Java-based Administration Console” go into greater detail for specific operations.

Note

To terminate a PKI Console session, click the Exit button. To terminate a web browser session, close the browser. A command-line utility terminates itself as soon as it performs the action and returns to the prompt, so no action is needed on the administrator's part to terminate the session.
Red Hat logoGithubRedditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita ilBlog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

© 2024 Red Hat, Inc.