Defaults Reference
In general, you can configure which attributes should or shouldn't be stored in the request;
for example, you can exclude sensitive attributes such as passwords from being stored in
the request with the help of the parameter named dontSaveHttpParams defined in the CS
configuration file. For details on using this parameter, see the description for HTTP_PARAMS
in section "JavaScript Used By All Interfaces" of CS Customization Guide. You can also
distinguish the attributes based on their origin, that is, whether they originated from the
enrollment form or were added to the request during the authentication process.
Authenticated attributes have AUTH_TOKEN as prefix (for example, AUTH_TOKEN.mail)
and non-authenticated attributes such as the ones that come from the HTTP input have
HTTP_PARAMS as prefix (for example, HTTP_PARAMS.csrRequestorEmail).

If enabled, the subject alternative extension policy checks the certificate request for
configured attributes. If the request contains an attribute, the policy reads its value and sets
it in the extension. This way, the extension that gets added to certificates contains all the
configured attributes.

You can define the following constraints with this default:
• Extension Constraint, see "Extension Constraint," on page 454.
• No Constraints, see "No Constraint," on page 456.

Table 11-15 Subject Alternative Name Extension Default Configuration Parameters

Parameter: Critical
Description:
    Select true to mark this extension critical; select false to mark the extension
    noncritical.

Parameter: Pattern
Description:
    Specifies the request attribute whose value is to be included in the extension. The
    attribute value must conform to any of the supported general-name types. If the
    server finds the attribute in the request, it sets the attribute value in the extension
    and then adds the extension to certificates. If you specify multiple attributes and if
    none of the attributes are present in the request, the server does not add the subject
    alternative name extension to certificates.
    Permissible values: A request attribute included in the certificate request.
    Example: $request.requestor_email$

Parameter: Type
Description:
    Specifies the general-name type for the request attribute.
    • Select RFC822Name if the request-attribute value is an Internet mail address
      in the local-part@domain format. For example, jdoe@example.com.
    • Select DirectoryName if the request-attribute value is an X.500 directory
      name, similar to the subject name in a certificate. For example,
      CN=Jane Doe, OU=Sales Dept, O=Example Corporation, C=US.

448 Red Hat Certificate System Administrator's Guide • September 2005
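The following sketch models how the Pattern parameter and the AUTH_TOKEN / HTTP_PARAMS prefixes described above interact. It is an added example, not code from Certificate System. It assumes that prefixed attributes can be referenced with the same $request.<attribute>$ form as the page's $request.requestor_email$ example; the function names and the sample request are constructed for illustration.

```python
import re

# Assumption: every pattern has the $request.<attribute>$ form of the page's example.
PATTERN_RE = re.compile(r"^\$request\.(.+)\$$")

def attribute_name(pattern):
    """Extract the request attribute name from a Pattern value."""
    m = PATTERN_RE.match(pattern)
    if not m:
        raise ValueError(f"not a $request.<attribute>$ pattern: {pattern!r}")
    return m.group(1)

def origin(attr):
    """Classify an attribute by the prefixes the guide describes."""
    if attr.startswith("AUTH_TOKEN."):
        return "authenticated"   # added during the authentication process
    if attr.startswith("HTTP_PARAMS."):
        return "http-input"      # supplied through the enrollment form
    return "other"

def build_san(request, slots):
    """Simplified model of the default. slots is a list of (Pattern, Type).
    Returns [(type, value, origin), ...], or None when no configured
    attribute is present (the extension is then not added)."""
    names = []
    for pattern, gn_type in slots:
        attr = attribute_name(pattern)
        if attr in request:
            names.append((gn_type, request[attr], origin(attr)))
    return names or None

def unauthenticated_slots(slots):
    """Review helper: patterns whose value comes straight from HTTP input."""
    return [p for p, _ in slots if origin(attribute_name(p)) == "http-input"]

# Constructed sample data (not from the guide).
SAMPLE_REQUEST = {
    "AUTH_TOKEN.mail": "jdoe@example.com",
    "HTTP_PARAMS.csrRequestorEmail": "someone-else@example.com",
}
SAMPLE_SLOTS = [
    ("$request.AUTH_TOKEN.mail$", "RFC822Name"),
    ("$request.HTTP_PARAMS.csrRequestorEmail$", "RFC822Name"),
    ("$request.requestor_email$", "RFC822Name"),  # absent from the sample request
]

if __name__ == "__main__":
    print(build_san(SAMPLE_REQUEST, SAMPLE_SLOTS))
    print("review:", unauthenticated_slots(SAMPLE_SLOTS))
```

In this model the second subject alternative name is whatever the requester typed into the form, so a profile review would flag that pattern and prefer the AUTH_TOKEN-prefixed attribute.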