Netscape MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION Manual page 53

Parameters Accepted by the Enrollment Interface (Continued)
Table 3-7
Parameter
key_agreement
key_certsign
key_encipherment
non_repudiation
Automated Enrollment
authenticator
uid
pin
pwd
Other
certNickname
Format and Description
true | false
Sets the keyUsage extension bit (4) indicating that the key may be used to
encipher and decipher keys during key agreement.
true | false
Sets the keyUsage extension bit (5) indicating that the key may be used to sign
other certificates. All CA signing certificates should set this parameter to true.
true | false
Sets the keyUsage extension bit (2) indicating that the key may be used to
encipher symmetric session keys. This parameter should be true for SSL
server and S/MIME encryption certificates.
true | false
Sets the keyUsage extension bit (1) indicating that the key may be used to
create non-repudiable (by the signer) digital signatures. Non-repudiation
service requires more infrastructure, planning, and policy than just setting this
bit. Consider the ramifications before using this bit
Parameters to configure automatic authentication for entity requests.
string
Specifies the name of the authentication plug-in instance to use to authenticate
the entity.
string
Specifies a unique identifier passed to the authentication plug-in.
string
An optional identifying string that helps to authenticate an entity. Usually used
when the Pin Generator tool has been used to populate a directory with unique
identifiers for each user.
string
Specifies the password passed to the authentication plug-in.
string
Specifies the nickname that should be associated with the certificate in the
reply; used with Certificate Request Management Format (CRMF) requests.
Chapter 3 End-Entity Interface Reference
Enrollment Interface
53