1. Manuals
  2. Brands
  3. Netscape Manuals
  4. Software
  5. NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN
  6. Manual

Uniquesubjectnameconstraints Plug-In Module; Configuration Parameters Of Uniquesubjectnameconstraints - Netscape MANAGEMENT SYSTEM 4.5 - PLUG-IN Manual

Hide thumbs
Table of Contents

Advertisement

UniqueSubjectNameConstraints Plug-in Module

UniqueSubjectNameConstraints Plug-in Module
The
plug-in module implements the unique
UniqueSubjectNameConstraints
subject name constraints policy. This policy restricts the server from issuing
multiple certificates with same subject names. Optionally, you can also configure
the server to allow multiple certificates with the same subject name if the key
usages are different. Note that key usages for certificates are usually specified by
the key usage extension and Certificate Management System allows you to add this
extension to certificates using the key usage extension policy explained in
"KeyUsageExt Plug-in Module" on page 187.
You may apply the unique subject name constraints policy to end-entity certificate
enrollment and renewal requests. For example, if you want to prevent your users
from requesting multiple certificates with same subject names, you can configure
the server accordingly using the policy. Alternatively, if you want to allow your
users to own multiple certificates, each for a different use, all having the same
subject name, you can do so easily using the
enableKeyUsageExtensionChecking
parameter defined in this policy. This parameter makes the server check whether
the key usages specified in the certificate request being processed is different than
those specified in the existing certificates that have the same subject names and
accordingly issue or deny the certificate. Keep in mind that the server can check for
key usages only if the key usage extension bits are set in the certificate request
being processed as well as in the existing certificates that have the same subject
names.
During installation, Certificate Management System automatically creates an
instance of the unique subject name constraints policy. See
"UniqueSubjectNameConstraints Rule" on page 122.
Configuration Parameters of
UniqueSubjectNameConstraints
In the CMS configuration file, the
module is
UniqueSubjectNameConstraints
identified as
ca.Policy.impl.UniqueSubjectNameConstraints.class=
.
com.netscape.certsrv.policy.UniqueSubjectNameConstraints
In the CMS window, the module is identified as
.
UniqueSubjectNameConstraints
Figure 3-12 shows how configurable parameters for the module are displayed in
the CMS window.
Chapter 3
Constraints Policy Plug-in Modules
119

Advertisement

Table of Contents
loading

Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN

Related Content for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN

This manual is also suitable for:

Netscape management system 4.5

Table of Contents