Novell® Certificate Server™ provides public key cryptography services that are natively integrated into Novell eDirectory® and that allow you to mint, issue, and manage both user and server certificates. These services allow you to protect confidential data transmissions over public communications channels such as the Internet.
NOTE:If you are unfamiliar with public key cryptography concepts, see Public Key Cryptography Basics.
Public key cryptography presents unique challenges to network administrators. Novell Certificate Server helps you meet these challenges in the following ways:
Provides public key cryptography services on your network
You can create an Organizational Certificate Authority (CA) within your eDirectory tree, allowing you to issue an unlimited number of user and server certificates. You can also use the services of an external certificate authority, or use a combination of both as your needs dictate.
Controls the costs associated with obtaining and managing public key certificates
You can create an Organizational CA and issue public key certificates through the Organizational CA.
Allows public key certificates to be openly available while also protecting them against tampering
Certificates are stored in eDirectory and can therefore leverage eDirectory replication and access control features.
Allows private keys to be accessible to only the software routines that use them for signing and decrypting operations
Private keys are encrypted by Novell International Crytography Infrastructure (NICI) and made available only to the software routines using them for signing and decrypting operations.
Securely backs up private keys
Private keys are encrypted by NICI, stored in eDirectory, and backed up using standard eDirectory backup utilities.
Allows central administration of certificates using iManager and ConsoleOne®.
iManager plug-ins and ConsoleOne snap-ins are provided, allowing you to manage certificates issued from your Organizational CA or from any other CA that supports a certificate signing request in PKCS #10 format.
Allows users to manage their own certificates
Users can use iManager or ConsoleOne to export keys for use in cryptography-enabled applications without system administrator intervention.
Supports popular e-mail clients and browsers
Novell Certificate Server allows you to create and manage user certificates for securing e-mail. Novell Certificate Server supports GroupWise® 5.5 or later, Microsoft* Outlook 98 and Outlook 2000, Netscape* Messenger*, and other popular e-mail clients. It's also compatible with Mozilla*, Mozilla* Firefox*, and Microsoft Internet Explorer browsers.