Table of Contents
Advertisement
During installation, CMS automatically creates multiple instances of the key usage
extension policy suitable for various types of certificates that you may want the
server to issue. The default instances are named as follows:
•
CMCertKeyUsageExt
Certificate Manager CA signing certificates and is enabled by default.
The server is configured to set
, and
keyCertsign
key-usage bits specified in the default policy rule match the bits specified in the
enrollment form (
•
RMCertKeyUsageExt
Registration Managers' signing certificates and is enabled by defualt.
The server is configured to set
Registration Manager signing certificates. Notice that the key-usage bits
specified in the default policy rule match the bits specified in the enrollment
form (
ManRAEnroll.html
certificates.
•
ServerCertKeyUsageExt
bits in SSL server certificates and is enabled by default.
The server is configured to set
keyEncipherment
Notice that the key-usage bits specified in the default policy rule match the bits
specified in the enrollment form (
server certificates.
•
ClientCertKeyUsageExt
bits in SSL client certificates and is enabled by default.
•
ObjSignCertKeyUsageExt
bits in object signing certificates and is enabled by default.
The server is configured to set
object-signing certificates. Notice that the key-usage bits specified in the
default policy rule match the bits specified in the enrollment form
(
ManObjSignEnroll.html
•
CRLSignCertKeyUsageExt
bits in a CRL signing certificate and is enabled by default.
The server is configured to set the
This rule is for setting the appropriate key-usage bits in
digitalSignature
bits in CA signing certificates. Notice that the
cRLSign
) for requesting CA signing certificates.
ManCAEnroll.html
This rule is for setting the appropriate key-usage bits in
digitalSignature
) for requesting Registration Manager signing
This rule is for setting the appropriate key-usage
digitalSignature
, and
dataEncipherment
ManServerEnroll.html
This rule is for setting the appropriate key-usage
This rule is for setting the appropriate key-usage
digitalSignature
) for requesting object-signing certificates.
This rule is for setting the appropriate key-usage
cRLSign
Extension-Specific Policy Module Reference
,
nonRepudiation
and
nonRepudiation
,
nonRepudiation
bits in SSL server certificates.
) for requesting SSL
and
keyCertsign
bit in CRL signing certificates.
Chapter 11
,
bits in
,
bits in
Policies
537
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN