Policymappingsext - Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR:
Table of Contents
Advertisement
Extension-Specific Policy Module Reference
Table 12-35 PolicyConstraintsExt Configuration Parameters (Continued)
Parameter
Description
Specifies the total number of certificates permitted in the path before policy mapping is no
inhibitPolicy
longer permitted.
Mapping
Permissible values: -1, 0, or n.
•
•
•
PolicyMappingsExt
The
PolicyMappingsExt
Extension defined to certificates. The extension lists one or more pairs of OIDs, each pair
identifying two policy statements of two CAs. The pairing indicates that the corresponding
policies of one CA are equivalent to policies of another CA. The extension may be useful in
the context of cross-certification. If supported, the extension is to be included in CA
certificates only. The policy allows you to map policy statements of one CA to that of
another by pairing the OIDs assigned to their policy statements
Each pair is defined by two parameters,
subjectDomainPolicy
issuerDomainPolicy
issuing CA's users may accept an
policy mapping tells these users which policies associated with the subject CA are
equivalent to the policy they accept.
For general information about this extension, see "policyMappings" on page 739.
During installation, CS automatically creates an instance of the policy mappings extension
policy, named
Table 12-36 PolicyMappingsExt Configuration Parameters
Parameter
enable
532
Red Hat Certificate System Administrator's Guide • September 2005
-1 specifies that the field should not be set in the extension (default).
0 specifies that no subordinate CA certificates are permitted in the path before policy
mapping is no longer permitted.
n must be an integer that is greater than zero. It specifies at the most n subordinate CA
certificates are allowed in the path before policy mapping is no longer permitted. For
example, a value of one indicates that policy mapping may be processed in certificates
issued by the subject of this certificate, but not in additional certificates in the path.
plug-in module enables you to add the Policy Mappings
. The pairing indicates that the issuing CA considers the
equivalent to the
PolicyMappingsExt
Description
Specifies whether the rule is enabled or disabled. Select to enable, deselect to disable.
issuerDomainPolicy
subjectDomainPolicy
issuerDomainPolicy
, that is enabled by default.
and
of the subject CA. The
for certain applications. The
Advertisement
Table of Contents
Related Manuals for Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR
Related Products for Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR
- Red Hat CERTIFICATE SYSTEM 7.0 - MIGRATION GUIDE
- Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION
- Red Hat LINUX 7.2 - S-390
- Red Hat LINUX 7.1 - PSERIES
- Red Hat SYSTEM 8.0 - MIGRATION GUIDE 7.X TO 8.0
- Red Hat CERTIFICATE SYSTEM 7.2 - AGENT GUIDE
- Red Hat DIRECTORY SERVER 7.1 SP7 - S
- Red Hat Application Server
- Red Hat APPLICATION SERVER - JONAS
- Red Hat APPLICATION STACK 1.1 RELEASE
- Red Hat APPLICATION STACK 1.2 RELEASE
- Red Hat APPLICATION STACK 1.3 RELEASE
- Red Hat APPLICATION STACK 1.4 RELEASE
- Red Hat APPLICATION STACK 2.0 RELEASE
- Red Hat APPLICATION STACK 2.1 RELEASE
- Red Hat APPLICATION STACK 2.2 RELEASE