Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual page 539
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR:
Table of Contents
Advertisement
Table 12-40 SubjectDirectoryAttributesExt Configuration Parameters (Continued)
Parameter
predicate
critical
numAttributes
attribute<n>.attrib
uteName
attribute<n>.whereT
oGetValue
attribute<n>.value
Description
Specifies the predicate expression for this rule. If you want this rule to be applied to all
certificate requests, leave the field blank (default). To form a predicate expression, see
"Using Predicates in Policy Rules," on page 465.
Specifies whether the extension should be marked critical or noncritical. Select to mark
critical, deselect to mark noncritical (default).
Specifies the total number of directory attributes to be contained or allowed in the
extension.
You can configure the server to include up to three attributes in the extension. By
default, this field is set to its maximum value, 3, and the UI shows fields for configuring
three attributes. You can change the total number of attributes by changing the value of
this parameter. Each set of configuration parameters is distinguished by <n>, which is
an integer derived from the value you assign in this field. For example, if you set the
numAttributes parameter to 2, <n> would be 0 and 1.
Specifies the name of the directory attribute whose value is to be included in the
extension.
Permissible values: TITLE, O, OU, L, E, C, GIVENNAME, DC, UID, CN,
UNSTRUCTUREDNAME, GENERATIONQUALIFIER, ST, DNQUALIFIER, SN, MAIL,
UNSTRUCTUREDADDRESS, STREET, SERIALNUMBER, and INITIALS. The list
may show any additional attributes that you may have added.
Specifies where to get the value for the selected directory attribute.
•
Select Request Attribute if you want the server to read the value from the
request attribute.
•
Select Fixed Value if you want to specify a fixed value for the attribute.
Note that both the options require you to enter the value for the attribute in the
attribute<n>.value field. The server will set the extension with this value in all
certificates specified by the predicate parameter.
Specifies the value for the directory attribute to be included in the extension.
Permissible value: A string value for the attribute selected.
Example: Member of Technical Staff
Extension-Specific Policy Module Reference
Chapter 12
Policies
539
Advertisement
Table of Contents
Need help?
Do you have a question about the CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR and is the answer not in the manual?