Why the Red Hat Certificate System configuration parameters nickname and newNickname can have different values?

Solution Unverified - Updated -

Issue

In the Red Hat Certificate System / RHCS main configuration file CS.cfg, the certificate nicknames of the subsystems CA, DRM, TKS, and TPS can have the parameters nickname and newNickname with different values, why do the multiple name and value pairs of the certificate nicknames of those subsystems?

Case with internal encryption token, the values for ca.signing.newNickname and ca.signing.nickname are the same:

ca.signing.newNickname=caSigningCert cert-ca1
ca.signing.nickname=caSigningCert cert-ca1
ca.signing.tokenname=Internal Key Storage Token

And with a different encryption module, example with netHSM:

ca.signing.newNickname=<netHSM name>:caSigningCert cert-ca1
ca.signing.nickname=caSigningCert cert-ca1
ca.signing.tokenname=<netHSM name>

When will ca.signing.newNickname be used and when will ca.signing.nickname be used?
Why are both created?

Environment

  • Red Hat Enterprise Linux 5
  • Red Hat Certificate System 8

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.