Genericasn1Ext - Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR:
Table of Contents
Advertisement
Table 12-23 ExtendedKeyUsageExt Configuration Parameters
Parameter
Description
Specifies whether the rule is enabled or disabled. Select to enable, deselect to disable.
enable
Specifies the predicate expression for this rule. If you want this rule to be applied to all
predicate
certificate requests, leave the field blank (default). To form a predicate expression, see "Using
Predicates in Policy Rules" on page 465.
Specifies whether the extension should be marked critical or noncritical. Select to mark critical
critical
(default), deselect to mark noncritical (default).
Specifies the total number of key-usage purposes to be contained or allowed in the extension.
numIds
Can be set to either 0 specifying that no key-usage purposes can be contained in the extension
or n specifies the total number of key-usage purposes to be included in the extension; it must
be an integer greater than zero. The default value is 10.
Note that for any number other than O in this field, a id-<n> field will be created for each
key-usage purpose, you must specify a valid OID; otherwise the policy rule will return an
error. Configuration parameters for each key-usage purposes is distinguished by <n>, which is
an integer derived from the value you assign in this field. For example, if you set the numIds
parameter to 2, <n> would be 0 and 1.
Specifies the OID that identifies a key-usage purpose.
id<n>
Permissible values: A unique, valid OID specified in the dot-separated numeric component
notation. Depending on the key-usage purposes, you may choose to use the OIDs designated
by PKIX (listed in Table 12-22 on page 504) or define your own OIDs. If you're defining your
own OID, it should be in the registered subtree of IDs reserved for your company's use.
Although you can invent your own OIDs for the purposes of evaluating and testing this server,
in a production environment, you should comply with the ISO rules for defining OIDs and for
registering subtrees of IDs. See
allocating private OIDs.
Example: 2.16.840.1.113730.1.99
GenericASN1Ext
The
GenericASN1Ext
certificates. Using this policy, you can add as many ASN.1 type based-extensions as
required without having to write any code. Further, it eliminates the dependency on the
command-line tools for generating base-64 encoded standard extensions from the x.509
extension classes.
Appendix H, "Object Identifiers"
plug-in module enables you to add custom extensions to
Extension-Specific Policy Module Reference
for information on
Chapter 12
Policies
505
Advertisement
Table of Contents
Related Manuals for Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR
Related Products for Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR
- Red Hat CERTIFICATE SYSTEM 7.0 - MIGRATION GUIDE
- Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION
- Red Hat LINUX 7.2 - S-390
- Red Hat LINUX 7.1 - PSERIES
- Red Hat SYSTEM 8.0 - MIGRATION GUIDE 7.X TO 8.0
- Red Hat CERTIFICATE SYSTEM 7.2 - AGENT GUIDE
- Red Hat DIRECTORY SERVER 7.1 SP7 - S
- Red Hat Application Server
- Red Hat APPLICATION SERVER - JONAS
- Red Hat APPLICATION STACK 1.1 RELEASE
- Red Hat APPLICATION STACK 1.2 RELEASE
- Red Hat APPLICATION STACK 1.3 RELEASE
- Red Hat APPLICATION STACK 1.4 RELEASE
- Red Hat APPLICATION STACK 2.0 RELEASE
- Red Hat APPLICATION STACK 2.1 RELEASE
- Red Hat APPLICATION STACK 2.2 RELEASE