Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual page 520
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR:
Table of Contents
Advertisement
Extension-Specific Policy Module Reference
For general information about this extension, see "nameConstraints" on page 737.
During installation, CS automatically creates an instance of the name constraints extension
policy, named
Table 12-29 NameConstraintsExt Configuration Parameters
Parameter
enable
predicate
critical
numPermittedSubtrees
numExcludedSubtrees
520
Red Hat Certificate System Administrator's Guide • September 2005
NameConstraintsExt
Description
Specifies whether the rule is enabled or disabled. Select to enable, deselect to
disable.
Specifies the predicate expression for this rule. If you want this rule to be applied
to all certificate requests, leave the field blank (default). To form a predicate
expression, see section "Using Predicates in Policy Rules" in Chapter 18, "Setting
Up Policies" of CS Administrator's Guide.
Example: HTTP_PARAMS.certType==ca
Specifies whether the extension should be marked critical or noncritical. Select to
mark critical (default), deselect to mark noncritical.
Specifies the total number of subtrees to be permitted in the extension. Note that
each permitted subtree has a set of configuration parameters and you must specify
appropriate values for each of these parameters; otherwise the policy rule will
return an error.
You can change the total number of permitted subtrees by changing the value in
this field; there's no restriction on the total number of permitted subtrees you can
include in the extension. Each set of configuration parameters is distinguished by
<n>, which is an integer derived from the value you assign in this field. For
example, if you set the numPermittedSubtrees parameter to 2, <n> would
be 0 and 1.
Permissible values: 0 or n.
•
0 specifies that no permitted subtrees can be contained in the extension.
•
n specifies the total number of permitted subtrees to be included in the
extension; it must be an integer greater than zero. The default value is 8.
Specifies the total number of subtrees to be excluded in the extension. Note that
each excluded subtree has a set of configuration parameters and you must specify
appropriate values for each of these parameters; otherwise the policy rule will
return an error.
You can change the total number of excluded subtrees by changing the value in
this field; there's no restriction on the total number of excluded subtrees you can
include in the extension. Each set of configuration parameters is distinguished by
<n>, which is an integer derived from the value you assign in this field. For
example, if you set the numExcludedSubtrees parameter to 2, <n> would be
0 and 1.
, that is disabled by default.
Advertisement
Table of Contents
Related Manuals for Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR
Related Products for Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR
- Red Hat CERTIFICATE SYSTEM 7.0 - MIGRATION GUIDE
- Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION
- Red Hat LINUX 7.2 - S-390
- Red Hat LINUX 7.1 - PSERIES
- Red Hat SYSTEM 8.0 - MIGRATION GUIDE 7.X TO 8.0
- Red Hat CERTIFICATE SYSTEM 7.2 - AGENT GUIDE
- Red Hat DIRECTORY SERVER 7.1 SP7 - S
- Red Hat Application Server
- Red Hat APPLICATION SERVER - JONAS
- Red Hat APPLICATION STACK 1.1 RELEASE
- Red Hat APPLICATION STACK 1.2 RELEASE
- Red Hat APPLICATION STACK 1.3 RELEASE
- Red Hat APPLICATION STACK 1.4 RELEASE
- Red Hat APPLICATION STACK 2.0 RELEASE
- Red Hat APPLICATION STACK 2.1 RELEASE
- Red Hat APPLICATION STACK 2.2 RELEASE
Need help?
Do you have a question about the CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR and is the answer not in the manual?