Configuring Rule Instances - Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION Administration Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.3 - ADMINISTRATION:
- Manual (98 pages) ,
- Release note (24 pages) ,
- Manual (92 pages)
Table of Contents
Advertisement
Parameter
filterComps
Table 15.13. LdapDNCompsMap Configuration Parameters
15.13.3. Configuring Rule Instances
This section discusses the rule instances that have been set.
15.13.3.1. LdapCaCertRule
The LdapCaCertRule can be used to publish CA certificates to an LDAP directory.
Parameter
Value
type
cacert
predicate
enable
yes
Description
where org and country are replaced with values
from the DN in the certificate.
If the dnComps field is empty, the server checks
the baseDN field and searches the directory tree
specified by that DN for entries matching the filter
specified by filterComps parameter values.
The permissible values are valid DN components
or attributes separated by commas.
Specifies components the Certificate Manager
should use to filter entries from the search result.
The server uses the filterComps values to
form an LDAP search filter for the subtree. The
server constructs the filter by gathering values for
these attributes from the certificate subject name;
it uses the filter to search for and match entries in
the LDAP directory.
If the server finds more than one entry in the
directory that matches the information gathered
from the certificate, the search is successful, and
the server optionally performs a verification. For
example, if filterComps is set to use the email
and user ID attributes (filterComps=e,uid),
the server searches the directory for an entry
whose values for email and user ID match the
information gathered from the certificate.
The permissible values are valid directory
attributes in the certificate DN separated by
commas. The attribute names for the filters need
to be attribute names from the certificate, not
from ones in the LDAP directory. For example,
most certificates have an e attribute for the user's
email address; LDAP calls that attribute mail.
Description
Specifies the type of certificate that will be published.
Specifies a predicate for the publisher.
Enables the rule.
Configuring Rule Instances
373
Advertisement
Table of Contents
Related Manuals for Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION
Related Products for Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION
- Red Hat CERTIFICATE SYSTEM 7.0 - MIGRATION GUIDE
- Red Hat CERTIFICATE 7.1 ADMINISTRATOR
- Red Hat LINUX 7.2 - S-390
- Red Hat LINUX 7.1 - PSERIES
- Red Hat SYSTEM 8.0 - MIGRATION GUIDE 7.X TO 8.0
- Red Hat CERTIFICATE SYSTEM 7.2 - AGENT GUIDE
- Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
- Red Hat DIRECTORY SERVER 7.1 SP7 - S
Need help?
Do you have a question about the CERTIFICATE SYSTEM 7.3 - ADMINISTRATION and is the answer not in the manual?
Questions and answers