Inputs And Outputs; Setting Up Certificate Profiles - Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 8.0 - ADMINISTRATION:
- Using manual (48 pages) ,
- Agents manual (146 pages) ,
- Manual (124 pages)
Table of Contents
Advertisement
Chapter 2. Making Rules for Issuing Certificates
Basic Constraints Extension identifies whether a certificate is a CA signing certificate, the maximum
number of subordinate CAs that can be configured beneath the CA, and whether the extensions is
critical (required):
policyset.caCertSet.5.default.name=Basic Constraints Extension Default
policyset.caCertSet.5.default.params.basicConstraintsCritical=true
policyset.caCertSet.5.default.params.basicConstraintsIsCA=true
policyset.caCertSet.5.default.params.basicConstraintsPathLen=-1
The extension can also set required values for the certificate request called constraints. If a request's
contents do not match the set constraints, then the request is rejected. The constraints generally
correspond to the extension default, though not always. For example:
policyset.caCertSet.5.constraint.class_id=basicConstraintsExtConstraintImpl
policyset.caCertSet.5.constraint.name=Basic Constraint Extension Constraint
policyset.caCertSet.5.constraint.params.basicConstraintsCritical=true
policyset.caCertSet.5.constraint.params.basicConstraintsIsCA=true
policyset.caCertSet.5.constraint.params.basicConstraintsMinPathLen=-1
policyset.caCertSet.5.constraint.params.basicConstraintsMaxPathLen=-1
NOTE
To allow user supplied extensions to be embedded in the certificate requests and ignore
the system-defined default in the profile, the profile needs to contain the User Supplied
Extension Default, which is described in
Default".
2.1.3. Inputs and Outputs
Inputs set information that must be submitted to receive a certificate. This can be requester
information, a specific format of certificate request, or organizational information.
The outputs configured in the profile define the format of the certificate that is issued.
In Certificate System, profiles are accessed by users through enrollment forms that are accessed
through the end-entities pages. (Even clients, like the RA and TPS, submit enrollment requests
through these forms.) The inputs, then, correspond to fields in the enrollment forms. The outputs
correspond to the information contained on the certificate retrieval pages.
2.2. Setting up Certificate Profiles
Section 2.2.1, "Creating Certificate Profiles through the CA Console"
•
Section 2.2.2, "Editing Certificate Profiles in the Console"
•
Section 2.2.3, "Creating and Editing Certificate Profiles through the Command Line"
•
Section 2.2.4, "Defining Key Defaults in Profiles"
•
Section 2.2.6, "List of Certificate Profiles"
•
26
Section B.1.22, "User Supplied Extension
Advertisement
Table of Contents
Related Manuals for Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
Related Products for Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
- Red Hat CERTIFICATE 7.2 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE
- Red Hat CERTIFICATE SYSTEM 7.1 - ADMINSISTRATOR
- Red Hat CERTIFICATE 7.3 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 8 - DEPLOYMENT
- Red Hat CERTIFICATE SYSTEM 8 - AGENTS GUIDE
- Red Hat CERTIFICATE 8.0 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM ENTERPRISE - SECURITY GUIDE
- Red Hat CLUSTER SUITE - CONFIGURING AND MANAGING A CLUSTER 2006
- Red Hat CLUSTER MANAGER - INSTALLATION AND
- Red Hat Cluster Suite
- Red Hat Application Server
- Red Hat APPLICATION SERVER - JONAS
- Red Hat APPLICATION STACK 1.1 RELEASE
- Red Hat APPLICATION STACK 1.2 RELEASE
- Red Hat APPLICATION STACK 1.3 RELEASE
Need help?
Do you have a question about the CERTIFICATE SYSTEM 8.0 - ADMINISTRATION and is the answer not in the manual?