Why the Red Hat Certificate System configuration parameters nickname and newNickname can have different values?
Issue
In the Red Hat Certificate System / RHCS main configuration file CS.cfg, the certificate nicknames of the subsystems CA, DRM, TKS, and TPS can have the parameters nickname and newNickname with different values, why do the multiple name and value pairs of the certificate nicknames of those subsystems?
Case with internal encryption token, the values for ca.signing.newNickname and ca.signing.nickname are the same:
ca.signing.newNickname=caSigningCert cert-ca1
ca.signing.nickname=caSigningCert cert-ca1
ca.signing.tokenname=Internal Key Storage Token
And with a different encryption module, example with netHSM:
ca.signing.newNickname=<netHSM name>:caSigningCert cert-ca1
ca.signing.nickname=caSigningCert cert-ca1
ca.signing.tokenname=<netHSM name>
When will ca.signing.newNickname be used and when will ca.signing.nickname be used?
Why are both created?
Environment
- Red Hat Enterprise Linux 5
- Red Hat Certificate System 8
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.