Table of Contents
Advertisement
Table 4-22 Description of parameters defined in the PolicyConstraintsExt module (Continued)
Parameter
Description
Specifies whether the extension should be marked critical or noncritical in certificates
critical
specified by the predicate parameter. Check the box if you want the server to mark
the extension critical. Uncheck the box if you want the server to mark the extension
noncritical (default).
Specifies the total number of certificates permitted in the path before an explicit
reqExplicit
policy is required—that is, the number of CA certificates that can be chained below
Policy
(subordinate to) the subordinate CA certificate being issued before an acceptable
policy is required.
Note that the number you specify affects the number of CA certificates to be used
during certificate validation. The chain starts with the end-entity certificate being
validated and moving up the chain. (The parameter has no effect if the extension is set
in end-entity certificates.)
Permissible values: -1, 0, or n.
• -1 specifies that the field should not be set in the extension (default).
• 0 specifies that no subordinate CA certificates are permitted in the path before an
• n must be an integer that is greater than zero. It specifies at the most n
Example: 1
Specifies the total number of certificates permitted in the path before policy mapping
inhibitPolicy
is no longer permitted.
Mapping
Permissible values: -1, 0, or n.
• -1 specifies that the field should not be set in the extension (default).
• 0 specifies that no subordinate CA certificates are permitted in the path before
• n must be an integer that is greater than zero. It specifies at the most n
Example: -1
explicit policy is required.
subordinate CA certificates are allowed in the path before an explicit policy is
required.
policy mapping is no longer permitted.
subordinate CA certificates are allowed in the path before policy mapping is no
longer permitted. For example, a value of one indicates that policy mapping may
be processed in certificates issued by the subject of this certificate, but not in
additional certificates in the path.
PolicyConstraintsExt Plug-in Module
Chapter 4
Certificate Extension Plug-in Modules
223
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN