Extension-Specific Policy Module Reference

Table 12-25 IssuerAltNameExt Configuration Parameters (Continued)

Parameter | Description

• If you selected iPAddress, the value must be a valid IP address (IPv4 or IPv6) specified in dot-separated numeric component notation. The syntax for specifying the IP address is as follows:

  For IP version 4 (IPv4), the address should be in the form specified in RFC 791 (http://www.ietf.org/rfc/rfc0791.txt). An IPv4 address must be in the n.n.n.n format; for example, 128.21.39.40. An IPv4 address with a netmask must be in the n.n.n.n,m.m.m.m format. For example, 128.21.39.40,255.255.255.00.

  For IP version 6 (IPv6), the address should be in the form described in RFC 1884 (http://www.ietf.org/rfc/rfc1884.txt), with the netmask separated by a comma. Examples of IPv6 addresses with no netmask are 0:0:0:0:0:0:13.1.68.3 and FF01::43. Examples of IPv6 addresses with a netmask are 0:0:0:0:0:0:13.1.68.3,FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:255.255.255.0 and FF01::43,FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FF00:0000.

• If you selected OID, the value must be a unique, valid OID specified in the dot-separated numeric component notation. Although you can invent your own OIDs for the purposes of evaluating and testing this server, in a production environment, you should comply with the ISO rules for defining OIDs and for registering subtrees of IDs. See Appendix H, "Object Identifiers" for information on allocating private OIDs. For example, 1.2.3.4.55.6.5.99.

• If you selected otherName, the value must be the absolute path to the file that contains the base-64 encoded string of the alternative name. For example, /usr/netscape/servers/ext/ian/othername.txt.

KeyUsageExt

The KeyUsageExt plug-in module enables you to add the Key Usage Extension to certificates. The extension specifies the purposes for which the key contained in a certificate should be used—for example, it specifies whether the key should be used for data signing, key encipherment, or data encipherment—and thus enables you to restrict the usage of a key pair to predetermined purposes.

For general information about this extension, see "keyUsage" on page 736.

The key usage extension is a string of boolean bit-flags, each bit identifying the purpose for which a key is to be used. Table 12-26 lists the bits and their designated purposes.

Chapter 12 Policies 513
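An added example, not part of the manual or of Certificate System itself: a Python pre-flight check for the iPAddress and OID value formats described for the IssuerAltNameExt parameters on this page, run over sample values from the page plus two constructed bad ones. The function names, the contiguous-netmask check and the X.660 root-arc check are assumptions of this example.

```python
import ipaddress
import re

def check_ip_value(value):
    """Parse 'addr' or 'addr,netmask'; return (addr, mask_or_None) or raise ValueError."""
    addr_text, comma, mask_text = value.partition(",")
    addr = ipaddress.ip_address(addr_text)
    if not comma:
        return addr, None
    mask = ipaddress.ip_address(mask_text)
    if mask.version != addr.version:
        raise ValueError("netmask and address are different IP versions")
    # Added sanity check (not stated on the page): mask bits must be ones then zeros.
    inverted = int(mask) ^ ((1 << addr.max_prefixlen) - 1)
    if inverted & (inverted + 1):
        raise ValueError("netmask is not a contiguous run of one-bits")
    return addr, mask

def check_oid_value(value):
    """Return the OID arcs as ints, or raise ValueError."""
    if not re.fullmatch(r"[0-9]+(\.[0-9]+)+", value):
        raise ValueError("OID must be dot-separated numeric components")
    arcs = [int(arc) for arc in value.split(".")]
    # ITU-T X.660 rule: root arc is 0, 1 or 2; under 0 and 1 the second arc is 0-39.
    if arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid root arcs")
    return arcs

def audit(settings):
    """Return {value: reason} for each (kind, value) pair that fails its check."""
    checks = {"iPAddress": check_ip_value, "OID": check_oid_value}
    failures = {}
    for kind, value in settings:
        try:
            checks[kind](value)
        except ValueError as exc:
            failures[value] = str(exc)
    return failures

# First three values are from the page; the last two are constructed bad inputs.
SAMPLE = [
    ("iPAddress", "128.21.39.40"),
    ("iPAddress", "0:0:0:0:0:0:13.1.68.3,FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:255.255.255.0"),
    ("OID", "1.2.3.4.55.6.5.99"),
    ("iPAddress", "128.21.39.40,255.0.255.0"),
    ("OID", "3.2.1"),
]

print(audit(SAMPLE))
```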