User guide
Chapter 7: Setting and Use of the Interstage Certificate Environment
Certificates and Private Keys
This section explains certificates and private keys.
What are the Certificates and the Private Keys?
The CA (certification authority) certificate, the site certificate, and the corresponding private key are
required for signature and encryption processing, such as SSL communication. A certificate revocation list
(CRL) is also used to check the validity of a certificate.
Certificates and CRLs that conform to X.509 or RFC 2459 and that use an RSA key can be used.
• CA certificate
This is the CA's own certificate, which certifies the certificates issued by that CA.
A CA may issue a certificate to a subordinate CA, in which case the certificate of the CA itself and the
certificate issued to the subordinate CA are both referred to as a CA certificate. The certificate issued
to the subordinate CA is specifically referred to as an intermediate CA certificate.
• Site certificate
A site certificate is issued by a CA to certify the identity of a server, client, or service. It includes
information on the user (server, client, or service) and information on the CA. The site certificate must
always be used in combination with the CA certificate that issued the site certificate.
• Private key corresponding to a site certificate
The private key forms a pair with the public key included in the site certificate.
Note
If a private key is lost or deleted, the site certificate that corresponds to it can no longer be
registered. Therefore, be sure to keep a backup of private keys.
• Certificate revocation list (CRL)
This is a list of revoked certificates that is issued by a CA.
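The relationships described above (a site certificate issued by a CA certificate, and a private key that pairs with the site certificate's public key) can be checked before registration or after restoring a key backup. The following is an added example, not part of the original guide and not Interstage's own commands: it assumes the OpenSSL command line is installed, and every file name, subject name and key in it is constructed for the demonstration.

```shell
#!/bin/sh
# Constructed demo material: a throwaway CA, site certificate and keys.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

make_demo_pki() {
    # Self-signed CA certificate with an RSA key.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo CA" \
        -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null || return 1
    # Site private key plus a signing request for the CA.
    openssl req -newkey rsa:2048 -nodes -subj "/CN=site.example.test" \
        -keyout "$WORK/site.key" -out "$WORK/site.csr" 2>/dev/null || return 1
    # The CA issues the site certificate.
    openssl x509 -req -in "$WORK/site.csr" -days 1 -CA "$WORK/ca.crt" \
        -CAkey "$WORK/ca.key" -CAcreateserial -out "$WORK/site.crt" 2>/dev/null || return 1
    # An unrelated key, standing in for a wrong or stale backup.
    openssl genrsa -out "$WORK/other.key" 2048 2>/dev/null
}

# Succeeds only if the private key ($1) pairs with the public key in the certificate ($2).
key_matches_cert() {
    key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    crt_pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$key_pub" ] && [ "$key_pub" = "$crt_pub" ]
}

# Succeeds only if the site certificate ($1) verifies against the CA certificate ($2).
issued_by_ca() {
    openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
}

make_demo_pki || { echo "openssl failed" >&2; exit 1; }
for key in site.key other.key; do
    if key_matches_cert "$WORK/$key" "$WORK/site.crt"; then
        echo "$key: pairs with site.crt"
    else
        echo "$key: does NOT pair with site.crt"
    fi
done
if issued_by_ca "$WORK/site.crt" "$WORK/ca.crt"; then
    echo "site.crt: issued by ca.crt"
fi
```

Running the same two checks against a restored backup key confirms that it is the key the site certificate was issued for.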