Table of Contents
Advertisement
In addition, the directory-based authentication manager will formulate the subject
name of the issuing certificate (It will forms the subject name by using the
dnPattern attribute), and it will place the subject name into an internal data
structured called AuthToken.
This default is responsible for reading the subject name from the AuthToken and
place it into the certificate request so that the final certificate will contain the subject
name.
You can define the following constraints with this default: No Constraints see "No
Constraint," on page 477.
User Supplied Extension Default
This class implements an enrollment default policy that populates a user-supplied
extension into the certificate request. If included in the certificate profile, allows a
user to define extensions.
No inputs are provided to add user supplied extensions to the enrollment form.
You can create an input for this purpose using the CMS SDK. You can also submit a
request that contains this information.
You can define the following constraints with this default:
•
Extended Key Usage Constraint, see "Extended Key Usage Extension
Constraint," on page 474.
•
Extension Constraint, see "Extension Constraint," on page 475, Key Constraint
see "Key Constraint," on page 475.
•
Netscape Certificate Type Extension Constraint, see "Netscape Certificate Type
Extension Constraint," on page 477.
•
No Constraints see "No Constraint," on page 477.
User Supplied Key Default
This default populates a user supplied key into the certificate request. This is a
required default. Keys are part of the enrollment request.
You can define the following constraints with this default:
•
Key Constraint, see "Key Constraint," on page 475.
•
No Constraints, see "No Constraint," on page 477.
Defaults Reference
Chapter 10
Certificate Profiles
471
Advertisement
Table of Contents
