Netscape MANAGEMENT SYSTEM 6.0 - PLUG-IN Manual page 253


Table 5-2. Description of parameters defined in the LdapCaSimpleMap module

Parameter: createCAEntry

Description: Specifies whether the Certificate Manager should create an entry for the CA in the publishing directory. Check the box if you want the server to create a CA's entry (default). Uncheck the box if you don't want the server to create an entry.

If you check the box, the Certificate Manager first attempts to create an entry for the CA in the directory. If the Certificate Manager succeeds in creating the entry, it then attempts to publish the CA's certificate to the entry. Note that the CA's entry DN in the directory will match the pattern you specify in the dnPattern field. For example, if the issuer DN (specified in the CA's signing certificate) is CN=testCA, OU=Research Dept, O=Example Corporation, C=US, and the dnPattern is set to CN=$subj.cn,OU=$subj.ou,O=$subj.o,C=US, the Certificate Manager creates an entry with CN=testCA, OU=Research Dept, O=Example Corporation, C=US as its DN.

Parameter: dnPattern

Description: Specifies the DN pattern the Certificate Manager should use to construct the DN in order to search for the CA's entry in the publishing directory. The value of dnPattern can be a list of AVAs separated by commas. An AVA can be a variable, such as CN=$subj.cn, that the Certificate Manager can derive from the certificate subject name, or a constant, such as O=Example Corporation.

Note that if your CA certificate does not have the CN component in its subject name, be sure to adjust the CA certificate mapping DN pattern to reflect the DN of the entry in the directory where the CA certificate is to be published. For example, if your CA certificate subject DN is O=Example Corporation and the CA's entry in the directory is cn=Certificate Authority, o=Example Corporation, the pattern should look like this: cn=Certificate Authority, o=$subj.o
(This rule applies to other mappers as well.)

Permissible values: A valid pattern that will enable the Certificate Manager to construct the DN for the CA's entry.

Example 1: uid=CertMgr, o=Example Corporation
Example 2: CN=$subj.cn,OU=$subj.ou,O=$subj.o,C=US
Example 3: uid=$req.HTTP_PARAMS.uid, E=$ext.SubjectAlternativeName.RFC822Name,ou=$subj.ou

In the above examples, $req means take the attribute from the certificate request, $subj means take the attribute from the certificate subject name, and $ext means take the attribute from the certificate extension.
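The following sketch works through the dnPattern expansion described in the table. It is an added example, not code from Certificate Management System; the function names are hypothetical. It assumes subject DNs and patterns without escaped commas, and it escapes substituted values per RFC 4514, which is a choice made for this sketch rather than documented product behaviour.

```python
import re

_SPECIAL = '"+,;<>\\'   # RFC 4514 characters that must be escaped in a value
_VAR = re.compile(r"^\$(subj|req|ext)\.(.+)$")

def escape_value(value):
    """Escape an attribute value so it cannot add or alter RDNs."""
    out = "".join("\\" + ch if ch in _SPECIAL else ch for ch in value)
    if out[:1] in ("#", " "):
        out = "\\" + out
    if out.endswith(" ") and len(value) > 1:
        out = out[:-1] + "\\ "
    return out

def parse_subject(dn):
    """Split a simple subject DN into {type: value}; assumes no escaped commas."""
    pairs = (ava.split("=", 1) for ava in dn.split(","))
    return {t.strip().lower(): v.strip() for t, v in pairs}

def expand_dn_pattern(pattern, subj_dn, req=None, ext=None):
    """Build the directory DN that a dnPattern maps a certificate to."""
    sources = {"subj": parse_subject(subj_dn), "req": req or {}, "ext": ext or {}}
    rdns = []
    for ava in pattern.split(","):
        attr, _, rhs = ava.strip().partition("=")
        rhs = rhs.strip()
        m = _VAR.match(rhs)
        if m is None:                    # constant AVA, e.g. O=Example Corporation
            rdns.append(f"{attr}={rhs}")
            continue
        src, key = m.groups()
        table = {k.lower(): v for k, v in sources[src].items()}
        if key.lower() not in table:     # e.g. $subj.cn when the subject has no CN
            raise LookupError(f"{rhs} cannot be resolved for pattern {pattern!r}")
        rdns.append(f"{attr}={escape_value(table[key.lower()])}")
    return ",".join(rdns)

if __name__ == "__main__":
    # Issuer DN and pattern from the createCAEntry example in the table.
    print(expand_dn_pattern("CN=$subj.cn,OU=$subj.ou,O=$subj.o,C=US",
                            "CN=testCA, OU=Research Dept, O=Example Corporation, C=US"))
```

A pattern that references a component the certificate lacks raises LookupError here, which is the case the note about CA certificates without a CN component covers.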
Chapter 5, Mapper Plug-in Modules: LdapCaSimpleMap Plug-in Module


This manual is also suitable for:

Certificate management system 6.0
