certServer.auth.configuration
Allow or deny a read or modify operation to the authentication configuration.
Operations
read
Viewing authentication plug-ins, authentication type, configured
authentication manager plug-ins, and authentication instances. Listing
authentication manager plug-ins and authentication manager instances.
modify
Adding or deleting authentication plug-in and authentication instance.
Modifying authentication instance.
Default ACIs
allow (read) group="Administrators" || group="Certificate Manager
Agents" || group="Registration Manager Agents" || group="Data
Recovery Manager Agents" || group="Online Certificate Status Manager
Agents" || group="Auditors"
allow (modify) group="Administrators"
Administrators, agents, and auditors are allowed to read authentication configuration;
administrators are allowed to modify authentication configuration.
certServer.ca.certificate
Allow or deny an import, unrevoke, revoke, and read operation for certificates in the agents
services interface.
Operations
import
Retrieving a certificate by serial number.
unrevoke
Changing the status of a certificate from revoked.
revoke
Revoking certificates, or approving certificate revocation requests.
read
Retrieving certificates based on associated request ID and displaying
certificate details for a certificate, based on associated request ID
Default ACIs
allow (import,unrevoke,revoke,read) group="Certificate Manager
Agents"
Certificate Manager Agents can import, unrevoke, revoke, and read a certificate.
ACL Reference
Chapter 9
Authorization
341