Red Hat CERTIFICATE SYSTEM 7.2 - AGENT GUIDE Manual page 22

Profile Policy Set
set4 - Authority Key Identifier
set5 - AIA extension
set6 - Key Usage
set7 - Extended Key Usage
set8 - Subject Alt Name Constraint
3.1. Example Profile
Defaults
No defaults
authinfoaccesscritical
= false
authinfoaccessADMeth-
od_0= OID
authinfoaccessADLoca-
tionType_0=URIName
authinfoaccessADE-
nable_0=true
authinfoaccessADLoca-
tion_0=
Populates a Key Usage extension
(2.5.29.15) to the request. The
default values are as follows:
Criticality=true
Digital Signature=true
Non-Repudiation=true
Key Encipherment=true
Data Encipherment=false
Key Agreement=false
Key Certificate
Sign=false
Key CRL Sign=false
Encipher Only=false
Decipher Only=false
Populates an Extended Key Usage
extension to the request. The de-
fault values are Critical-
ity=false
OIDs=1.3.6.1.5.5.7.3.2,
1.3.6.1.5.5.7.3.4.
Populates a Subject Alternative
Name extension (2.5.29.17) to
the request. The default values are
Criticality=false and Re-
cord
#0{Pattern:$request.req
uester_email$,Pattern
Constraints
The keytype should be RSA.
keyminLength = 512
keymaxLength = 4096
The key length should be between
512 and 4096.
No constraints
No constraints
Accepts the Key Usage extension,
if present, only when the default
values are set.
No constraints
and
No constraints
Profiles