Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual page 466


Appendix B. Defaults, Constraints, and Extensions for Certificates and CRLs
entering them in the ldapStringAttributes and ldapByteAttributes fields defined in the
automated enrollment modules.
If authenticated attributes — meaning attributes stored in an LDAP database — need to be part of this
extension, use values from the $request.X$ token.
There is an additional attribute to insert a universally unique identifier (UUID) into the subject alt name.
This option generates a random number for a version 4 UUID; the pattern is defined by referencing the
server which will generate the number in an additional subjAltExtSource parameter.
A basic Subject Alternative Name Extension default is configured in the example.
policyset.serverCertSet.9.constraint.name=No Constraint
policyset.serverCertSet.9.default.class_id=subjectAltNameExtDefaultImpl
policyset.serverCertSet.9.default.name=Subject Alternative Name Extension Default
policyset.serverCertSet.9.default.params.subjAltExtGNEnable_0=true
policyset.serverCertSet.9.default.params.subjAltExtPattern_0=$request.requester_email$
policyset.serverCertSet.9.default.params.subjAltExtType_0=RFC822Name
policyset.serverCertSet.9.default.params.subjAltExtGNEnable_1=true
policyset.serverCertSet.9.default.params.subjAltExtPattern_1=$request.SAN1$
policyset.serverCertSet.9.default.params.subjAltExtType_1=DNSName
policyset.serverCertSet.9.default.params.subjAltExtGNEnable_2=true
policyset.serverCertSet.9.default.params.subjAltExtPattern_2=http://www.server.example.com
policyset.serverCertSet.9.default.params.subjAltExtType_2=URIName
policyset.serverCertSet.9.default.params.subjAltExtType_3=OtherName
policyset.serverCertSet.9.default.params.subjAltExtPattern_3=(IA5String)1.2.3.4,$server.source$
policyset.serverCertSet.9.default.params.subjAltExtSource_3=UUID4
policyset.serverCertSet.9.default.params.subjAltExtGNEnable_3=true
policyset.serverCertSet.9.default.params.subjAltExtType_4=RFC822Name
policyset.serverCertSet.9.default.params.subjAltExtGNEnable_4=false
policyset.serverCertSet.9.default.params.subjAltExtPattern_4=
policyset.serverCertSet.9.default.params.subjAltNameExtCritical=false
policyset.serverCertSet.9.default.params.subjAltNameNumGNs=4
Example B.1. Default Subject Alternative Name Extension Configuration
The Subject Alternative Name extension default checks the certificate request for the profile attributes.
If the request contains an attribute, the profile reads its value and sets it in the extension. It is also
possible for the Subject Alternative Name extension default to insert attribute values from an LDAP
directory, if LDAP-based authentication is configured. The extension added to the certificates contains
all the configured attributes.
The variables that can be used with the Subject Alternative Name extension default are listed in
Table B.15, "Variables to Insert Values in the Subject Alternative Name".

Policy Set Token                         Description
$request.auth_token.cn$                  The LDAP common name (cn) attribute of the user who requested the certificate.
$request.auth_token.mail$                The value of the LDAP email (mail) attribute of the user who requested the certificate.
$request.auth_token.tokenCertSubject$    The certificate subject name.
$request.auth_token.uid$                 The LDAP user ID (uid) attribute of the user who requested the certificate.
$request.auth_token.user$
$request.auth_token.userDN$              The user DN of the user who requested the certificate.
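
An added example, not part of the Red Hat manual: a short Python audit of the subjAltExt* parameters from Example B.1 that reports, for each enabled general name, whether its pattern is a literal, a value read from the certificate request, an LDAP attribute from the authentication token ($request.auth_token.*$), or a server-generated value. The function names and the origin labels are this example's own, not Certificate System terms.

```python
import re

# Constructed sample: the general-name parameters of Example B.1, prefix factored out.
P = "policyset.serverCertSet.9.default.params."
SAMPLE = "\n".join(P + line for line in """\
subjAltExtGNEnable_0=true
subjAltExtPattern_0=$request.requester_email$
subjAltExtType_0=RFC822Name
subjAltExtGNEnable_1=true
subjAltExtPattern_1=$request.SAN1$
subjAltExtType_1=DNSName
subjAltExtGNEnable_2=true
subjAltExtPattern_2=http://www.server.example.com
subjAltExtType_2=URIName
subjAltExtType_3=OtherName
subjAltExtPattern_3=(IA5String)1.2.3.4,$server.source$
subjAltExtSource_3=UUID4
subjAltExtGNEnable_3=true
subjAltExtType_4=RFC822Name
subjAltExtGNEnable_4=false""".splitlines())

PARAM = re.compile(r"\.params\.subjAltExt(GNEnable|Pattern|Type|Source)_(\d+)=(.*)$")
TOKEN = re.compile(r"\$([^$]+)\$")

def origin(pattern):
    """Classify where a pattern's value comes from (labels are this example's own)."""
    if pattern.count("$") % 2:
        return "malformed"      # unterminated $token$, e.g. a pattern wrapped mid-line
    tokens = TOKEN.findall(pattern)
    if not tokens:
        return "static"         # literal value, same in every certificate
    if any(t.startswith("request.") and not t.startswith("request.auth_token.") for t in tokens):
        return "request"        # read from the certificate request
    if any(t.startswith("request.auth_token.") for t in tokens):
        return "auth_token"     # LDAP attribute of the authenticated requester
    return "server"             # e.g. $server.source$ with subjAltExtSource_n=UUID4

def audit(text):
    """Return (index, type, origin, pattern) for every enabled general name."""
    slots = {}
    for line in text.splitlines():
        m = PARAM.search(line.strip())
        if m:
            slots.setdefault(int(m.group(2)), {})[m.group(1)] = m.group(3)
    return [(i, s.get("Type"), origin(s.get("Pattern", "")), s.get("Pattern", ""))
            for i, s in sorted(slots.items()) if s.get("GNEnable") == "true"]

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(*row, sep="\t")
```

Names whose origin is request are filled from the certificate request, and Example B.1 pairs this default with No Constraint, so those are the entries to review first when reading a profile.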
