Manualshelf

Specifications

ManualsBrandsRed Hat ManualsComputer equipmentDIRECTORY SERVER 2.0 - GATEWAY
31323334353637383940
Configuration
35
Introduction
systems and data sources, Digital Certificate Management aids in
programmatically generating and authenticating each certificate
request, as well as issuing and installing each certificate on the
Gateway Client.
ESRS Digital Certificate Management provides proof-of-identity of
your Gateway Client. This digital document binds the identity of the
Gateway Client to a key pair that can be used to encrypt and
authenticate communication back to EMC. Because of its role in
creating these certificates, the EMC certificate authority is the central
repository for the ESRS key infrastructure.
The CA requires full authentication of a certificate requester before it
issues the requested certificate to the Gateway Client. Not only must
the CA verify that the information contained in the certificate request
be accurate, it must also verify that the EMC Global Services
professional making the request is authenticated, and that this person
belongs to an EMC Global Services group that is allowed to request a
certificate for the customer site at which the Gateway Client
certificate is to be installed.
The EMC Global Services professional requests a certificate by first
authenticating himself or herself using an EMC-issued RSA SecurID
Authenticator. Once authentication is complete, the Gateway Client
installation program locally gathers all the information required for
requesting certificates. It also generates a certificate request, a private
key, and a random password for the private key. The Gateway Client
installation program then writes the certificate request information to
a request file, ensuring accuracy and completeness of the
information.
The installation program then submits the request. After the
certificate is issued, the installation program automatically completes
the certificate installation on the Gateway Client.
IMPORTANT
!
Due to EMC’s use of RSA Lockbox technology, a certificate cannot
be copied and used on another machine. Changing the host name,
joining to a Linux Domain, or changing the MAC addresses will
cause the Lockbox to fail and may result in having to reinstall the
Gateway Client.