Red Hat Comment Extension Default; Netscape Certificate Type Extension Default - Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual

Defaults Reference
Table 11-8
Parameter
ExcludedSubtree
Enable_<n>

Red Hat Comment Extension Default

This default populates a Red Hat comment extension in the certificate request. The
extension can be used to include textual comments in certificates. Applications that are
capable of interpreting the comment may display it to a relying party when the certificate is
used or viewed.
For general information about this extension, see "netscape-comment" on page 749.
You can define the following constraints with this default:
• Extension Constraint, see "Extension Constraint," on page 454.
• No Constraints, see "No Constraint," on page 456.
Table 11-9
Parameter
critical
CommentContent

Netscape Certificate Type Extension Default

This default populates a Netscape Certificate Type extension in the certificate request. The
extension identifies the certificate type—for example, it identifies whether the certificate is
a CA certificate, server SSL certificate, client SSL certificate, object signing certificate, or
S/MIME certificate—and thus enables you to restrict the usage of a certificate to
predetermined purposes.
442 Red Hat Certificate System Administrator's Guide • September 2005
Name Constraints Extension Default Configuration Parameters (Continued)
Description
• If you selected OtherName, the value must be the absolute path
to the file that contains the base-64 encoded string of the subtree.
For example,
/usr/netscape/servers/ext/nc/othername.txt.
Select true to enable this excluded subtree entry, select false to disable
this excluded subtree entry.
Red Hat Comment Extension Configuration Parameters
Description
Select true to mark this extension critical; select false to mark the
extension noncritical.
Specifies the content of the comment to appear in the certificate.