Changing Dn Attributes In Ca-Issued Certificates - Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 8.0 - ADMINISTRATION:
- Using manual (48 pages) ,
- Agents manual (146 pages) ,
- Manual (124 pages)
Table of Contents
Advertisement
Chapter 2. Making Rules for Issuing Certificates
Policy Set Token
$request.requestor_email$
$request.requestowner$
$request.subject$
$request.tokencuid$
$request.upn$
$server.source$
Table 2.6. Variables Used to Populate Certificates
2.7.2. Changing DN Attributes in CA-Issued Certificates
In certificates issued by the Certificate System, DNs identify the entity that owns the certificate. In
all cases, if the Certificate System is connected with a Directory Server, the format of the DNs in the
certificates should match the format of the DNs in the directory. It is not necessary that the names
match exactly; certificate mapping allows the subject DN in a certificate to be different from the one in
the directory.
In the Certificate System, the DN is based on the components, or attributes, defined in the X.509
Table 2.7, "Allowed Characters for Value Types"
standard.
set of attributes is extensible.
Attribute
cn
ou
o
c
l
st
street
title
uid
mail
dc
serialnumber
unstructuredname
unstructuredaddress
Table 2.7. Allowed Characters for Value Types
By default, the Certificate System supports the attributes identified in
for Value
Types". This list of supported attributes can be extended by creating or adding new
attributes. The syntax for adding additional X.500Name attributes, or components, is as follows:
64
Description
0:0:0:0:0:0:13.1.68.3, FF01::43, 0:0:0:0:0:0:13.1.68.3,FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
FF01::43,FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FF00:0000.
The email address of the person who submitted the request.
The person who submitted the request.
The subject name DN of the entity to which the certificate is issued. For example, uid=jsm
The card unique ID (CUID) of the smart card token used for requesting the enrollment.
The Microsoft UPN. This has the format (UTF8String)1.3.6.1.4.1.311.20.2.3,$request.upn
Instructs the server to generate a version 4 UUID (random number) component in the sub
(IA5String)1.2.3.4,$server.source$.
lists the attributes supported by default. The
Value Type
DirectoryString
DirectoryString
DirectoryString
PrintableString , two-
character
DirectoryString
DirectoryString
DirectoryString
DirectoryString
DirectoryString
IA5String
IA5String
PrintableString
IA5String
PrintableString
Object Identifier
2.5.4.3
2.5.4.11
2.5.4.10
2.5.4.6
2.5.4.7
2.5.4.8
2.5.4.9
2.5.4.12
0.9.2342.19200300.100.1.1
1.2.840.113549.1.9.1
0.9.2342.19200300.100.1.2.25
2.5.4.5
1.2.840.113549.1.9.2
1.2.840.113549.1.9.8
Table 2.7, "Allowed Characters
Advertisement
Table of Contents
Related Manuals for Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
Related Products for Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
- Red Hat CERTIFICATE 7.2 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE
- Red Hat CERTIFICATE SYSTEM 7.1 - ADMINSISTRATOR
- Red Hat CERTIFICATE 7.3 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 8 - DEPLOYMENT
- Red Hat CERTIFICATE SYSTEM 8 - AGENTS GUIDE
- Red Hat CERTIFICATE 8.0 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM ENTERPRISE - SECURITY GUIDE
- Red Hat CLUSTER SUITE - CONFIGURING AND MANAGING A CLUSTER 2006
- Red Hat CLUSTER MANAGER - INSTALLATION AND
- Red Hat Cluster Suite
- Red Hat Application Server
- Red Hat APPLICATION SERVER - JONAS
- Red Hat APPLICATION STACK 1.1 RELEASE
- Red Hat APPLICATION STACK 1.2 RELEASE
- Red Hat APPLICATION STACK 1.3 RELEASE
Need help?
Do you have a question about the CERTIFICATE SYSTEM 8.0 - ADMINISTRATION and is the answer not in the manual?