Table of Contents
Advertisement
Note that if you installed the Certificate Manager with it's built-in OCSP service
enabled, the policy rule will be enabled and the address location (
will be pointed to the Certificate Manager's non-SSL end-entity port. For example,
if the non-SSL end-entity port of your Certificate Manager is 80, the URL would
look like this:
NOTE
Table 11-15 AuthInfoAccessExt Configuration Parameters
Parameter
Description
Specifies whether the rule is enabled or disabled. Select to enable, deselect to disable.
enable
Specifies the predicate expression for this rule. If you want this rule to be applied to
predicate
all certificate requests, leave the field blank (default). To form a predicate expression,
see "Using Predicates in Policy Rules" on page 485.
Specifies whether the extension should be marked critical or noncritical. Select to
critical
mark critical, deselect to mark noncritical (default).
Specifies the total number of access locations to be contained or allowed in the
numADs
extension. The default is set to 3. You can set 0 specifying no locations can be
contained in the extension, or any integer <n>, number of fields.
Note that each location has its own set of configuration parameters and you must
specify appropriate values for each of those parameters; otherwise the policy rule will
return an error. Each set of configuration parameters is distinguished by <n>, which
is an integer derived from the value you assign in this field. For example, if you set
the numADs parameter to 2, <n> would be 0 and 1.
Specifies the access method for retrieving additional information about the CA that
ad<n>_method
has issued the certificate in which the extension appears.
http://ocspResponder.example.com:80/ocsp
The CMS configuration file (
jss.ocspcheck.enable
CMS manager should use Online Certificate Status Protocol (OCSP)
to verify the revocation status of the certificate it receives as a part
of SSL client or server authentication (from clients or servers it
makes connections with). If you change the value of this parameter
to
, the CMS manager reads the Authority Information Access
true
extension in the certificate and verifies the revocation status of the
certificate from the OCSP responder specified in the extension.
Extension-Specific Policy Module Reference
) includes a parameter named
CMS.cfg
, which enables you to specify whether a
)
ad0_location=
Chapter 11
Policies
511
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN