Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual page 512
Hide thumbs
Also See for CERTIFICATE SYSTEM 8.0 - ADMINISTRATION:
- Using manual (48 pages) ,
- Agents manual (146 pages) ,
- Manual (124 pages)
Table of Contents
Advertisement
Appendix C. Publishing Module Reference
cn=Jane Doe, o=Example Corporation, c=US
For the dnComps parameter, enter those DN components that the Certificate Manager can use to form
the LDAP DN exactly. In certain situations, however, the subject name in a certificate may match more
than one entry in the directory. Then, the Certificate Manager might not get a single, distinct matching
entry from the DN. For example, the subject name cn=Jane Doe, ou=Sales, o=Example
Corporation, c=US might match two users with the name Jane Doe in the directory. If that occurs,
the Certificate Manager needs additional criteria to determine which entry corresponds to the subject
of the certificate.
To specify the components the Certificate Manager must use to distinguish between different entries
in the directory, use the filterComps parameter; for details, see
Configuration
Parameters". For example, if cn, ou, o, and c are values for the dnComps parameter,
enter l for the filterComps parameter only if the l attribute can be used to distinguish between
entries with identical cn, ou, o, and c values.
If the two Jane Doe entries are distinguished by the value of the uid attribute
janedoe1, and the other entry's uid is janedoe2
include the uid component.
NOTE
The e, l, and st components are not included in the standard set of certificate request
forms provided for end entities. These components can be added to the forms, or the
issuing agents can be required to insert these components when editing the subject name
in the certificate issuance forms.
C.2.5.1. Configuration Parameters of LdapDNCompsMap
With this configuration, a Certificate Manager maps its certificates with the ones in the LDAP directory
by using the dnComps values to form a DN and the filterComps values to form a search filter for
the subtree.
• If the formed DN is null, the server uses the baseDN value for the subtree. If both the formed DN
and base DN are null, the server logs an error.
• If the filter is null, the server uses the baseDN value for the search. If both the filter and base DN are
null, the server logs an error.
Table C.10, "LdapDNCompsMap Configuration Parameters"
Parameter
baseDN
dnComps
490
the subject names of certificates can be set to
Description
Specifies the DN to start searching for an entry in the publishing directory. If the dnComps
value to start its search in the directory.
Specifies where in the publishing directory the Certificate Manager should start searching
the end entity's information.
For example, if dnComps uses the o and c attributes of the DN, the server starts the sear
directory, where org and country are replaced with values from the DN in the certificate.
Table C.10, "LdapDNCompsMap
one entry's uid is
describes these parameters.
Advertisement
Table of Contents
Related Manuals for Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
Related Products for Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
- Red Hat CERTIFICATE 7.2 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE
- Red Hat CERTIFICATE SYSTEM 7.1 - ADMINSISTRATOR
- Red Hat CERTIFICATE 7.3 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 8 - DEPLOYMENT
- Red Hat CERTIFICATE SYSTEM 8 - AGENTS GUIDE
- Red Hat CERTIFICATE 8.0 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM ENTERPRISE - SECURITY GUIDE
- Red Hat CLUSTER SUITE - CONFIGURING AND MANAGING A CLUSTER 2006
- Red Hat CLUSTER MANAGER - INSTALLATION AND
- Red Hat Cluster Suite
- Red Hat Application Server
- Red Hat APPLICATION SERVER - JONAS
- Red Hat APPLICATION STACK 1.1 RELEASE
- Red Hat APPLICATION STACK 1.2 RELEASE
- Red Hat APPLICATION STACK 1.3 RELEASE
Need help?
Do you have a question about the CERTIFICATE SYSTEM 8.0 - ADMINISTRATION and is the answer not in the manual?
Questions and answers