1. Manuals
  2. Brands
  3. Netscape Manuals
  4. Software
  5. NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN
  6. Manual

Crldistributionpointsext Plug-In Module; Configuration Parameters Of Crldistributionpointsext - Netscape MANAGEMENT SYSTEM 4.5 - PLUG-IN Manual

Hide thumbs
Table of Contents

Advertisement

CRLDistributionPointsExt Plug-in Module

CRLDistributionPointsExt Plug-in Module
The
CRLDistributionPointsExt
distribution points extension policy. This policy enables you to configure
Certificate Management System to add the CRL Distribution Points Extension
defined in X.509 and PKIX standard RFC 2459 (see
http://www.ietf.org/rfc/rfc2459.txt
present in a certificate, identifies one or more locations from where the application
that is validating the certificate can obtain the CRL information (to verify the
revocation status of the certificate).
For general guidelines on setting the CRL distribution points extension in
certificates, see "cRLDistributionPoints" on page 345.
The CRL distribution points extension policy in Certificate Management System
enables you to specify pointers to one or more CRL locations. The pointers can be
in these forms: the name of the X.500 directory that stores the CRL, the URI to the
location that contains the CRL, or both.
Note that in the current implementation, the policy supports only two name forms
for distribution points, X.500 Directory Name and URI; URIs described in this
document support two CRL retrieval mechanisms, LDAP-based and HTTP-based.
Optionally, each distribution point may contain a set of reason flags, indicating
what revocation reasons are covered by the CRL at that location. Also, the
distribution point location can be relative to the location of the issuer. In this last
case, the
location of the issuer.
You can modify the policy to support any name form by making appropriate
changes to the sample code provided for this purpose. The sample code is located
here:
During installation, Certificate Management System automatically creates an
instance of the CRL distribution points extension policy. See
"CRLDistributionPointsExt Rule" on page 168.
Configuration Parameters of
CRLDistributionPointsExt
In the CMS configuration file, the
identified as
com.netscape.certsrv.policy.CRLDistributionPointsExt
<subsystem>
164
Netscape Certificate Management System Plug-ins Guide • October 2001
and
issuerName
issuerType
<server_root>/cms_sdk/cms_jdk/samples/policies
<subsystem>.Policy.impl.CRLDistributionPointsExt.class=
is
or
(prefix identifying the subsystem).
ca
ra
plug-in module implements the CRL
) to certificates. This extension, when
parameters should be included to give the
CRLDistributionPointsExt
module is
, where

Advertisement

Table of Contents
loading

Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN

Related Content for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN

This manual is also suitable for:

Netscape management system 4.5

Table of Contents