1. Manuals
  2. Brands
  3. Netscape Manuals
  4. Software
  5. NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN
  6. Manual

Renewalconstraintsrule Rule - Netscape MANAGEMENT SYSTEM 4.5 - PLUG-IN Manual

Hide thumbs
Table of Contents

Advertisement

The configuration shown in Figure 3-6 creates a policy rule named
RenewExpiredClientCert
expired client certificates, if it's done within 30 days from the expiry date.
Table 3-6 gives details about each of the parameters.
Description of parameters defined in the RenewalConstraints module
Table 3-6
Parameter
enable
predicate
allowExpiredCerts
renewalNotAfter

RenewalConstraintsRule Rule

The rule named
RenewalConstraints
creates this rule during installation. By default, the rule is configured as follows:
The rule is enabled.
The predicate expression is left blank so that the policy is applied to all
certificate renewal requests processed by the server.
, which specifies that the server should allow renewal of
Description
Specifies whether the rule is enabled or disabled. Check the box to enable the rule
(default). Uncheck the box to disable the rule.
• If you enable the rule and set the remaining parameters correctly, the server
verifies the validity period of the certificate being renewed, checks the value
assigned to the allowExpiredCerts parameter, and accordingly allows or
denies the renewal request.
• If you disable the rule, the server does not verify the validity period of the
certificate being renewed; it simply renews the certificate.
Specifies the predicate expression for this rule. If you want the rule to be applied
to all certificate requests, leave the field blank (default). To form a predicate
expression, see section "Using Predicates in Policy Rules" in Chapter 18, "Setting
Up Policies" of CMS Installation and Setup Guide.
Example: HTTP_PARAMS.certType==client
Specifies whether to allow or prevent renewal of expired certificates. Check the
box if you want the server to renew expired certificates (default). Uncheck the
box if you don't want the server to renew expired certificates.
Specifies how long, in days, after the expiration of a certificate can it be renewed.
The default value is 30 days. If you leave the field blank, the server will renew all
expired certificates that are submitted for renewal.
Example: 15
RenewalConstraintsRule
module. Certificate Management System automatically
RenewalConstraints Plug-in Module
is an instance of the
Chapter 3
Constraints Policy Plug-in Modules
103

Advertisement

Table of Contents
loading

Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN

Related Content for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN

This manual is also suitable for:

Netscape management system 4.5

Table of Contents