Novell® Certificate ServerTM provides public key cryptography services that are natively integrated into Novell eDirectory® and that allow you to mint, issue, and manage both user and server certificates. These services allow you to protect confidential data transmissions over public communications channels such as the Internet.
NOTE: If you are unfamiliar with public key cryptography concepts, see Public Key Cryptography Basics.
Public key cryptography presents unique challenges to network administrators. Novell Certificate Server helps you meet these challenges in the following ways:
You can create an Organizational Certificate Authority (CA) within your eDirectory tree, allowing you to issue an unlimited number of user and server certificates. You can also use the services of an external certificate authority, or use a combination of both as your needs dictate.
You can create an Organizational CA and issue public key certificates through the Organizational CA.
Certificates are stored in eDirectory and can therefore leverage eDirectory replication and access control features.
Private keys are encrypted by Novell International Crytography Infrastructure (NICI) and made available only to the software routines using them for signing and decrypting operations.
Private keys are encrypted by NICI, stored in eDirectory, and backed up using standard eDirectory backup utilities.
Users can use iManager to export keys for use in cryptography-enabled applications without system administrator intervention.
Novell Certificate Server allows you to create and manage user certificates for securing e-mail. Novell Certificate Server supports GroupWise® 5.5 or later, Microsoft* Outlook 98 and Outlook 2000, Netscape* Messenger*, and other popular e-mail clients. It's also compatible with both Netscape Navigator* and Microsoft Internet Explorer.