Table of Contents
Advertisement
Extension-Specific Policy Module Reference
The value of an HTTP input variable corresponding to a key-usage bit must be
either
example, a value
values
Table 11-28 KeyUsageExt Configuration Parameters
Parameter
enable
predicate
critical
digitalSignature
nonRepudiation
538
Netscape Certificate Management System Administrator's Guide • February 2003
or
; any other value is considered equivalent to
true
false
would be interpreted as
tree
and
are case insensitive.
true
false
Description
Specifies whether the rule is enabled or disabled. Select to enable, deselect to
disable.
Specifies the predicate expression for this rule. If you want this rule to be applied to
all certificate requests, leave the field blank (default). To form a predicate
expression, see section admin"Using Predicates in Policy Rules" in Chapter 18,
"Setting Up Policies" of CMS Administrator's Guide.
Example: HTTP_PARAMS.certType==client
Specifies whether the extension should be marked critical or noncritical. Select to
mark critical (default), deselect to mark noncritical.
Specifies whether to set the digitalSignature bit (or bit 0) of the key usage
extension in certificates specified by the predicate parameter.
Permissible values: true, false, or HTTP_INPUT.
• Select true if you want the server to set the bit (default).
• Select false if you don't want the server to set the bit.
• Select HTTP_INPUT if you want the server to check the certificate request for
the HTTP input variable corresponding to the digitalSignature bit and set
the bit accordingly. If the variable is set to true, the server sets the bit. If the
variable doesn't exist or if it is set to false (or any other value), the server
doesn't set the bit.
Specifies whether to set the nonRepudiation bit (or bit 1) of the key usage
extension in certificates specified by the predicate parameter.
Permissible values: true, false, or HTTP_INPUT.
• Select true if you want the server to set the bit (default).
• Select false if you don't want the server to set the bit.
• Select HTTP_INPUT if you want the server to check the certificate request for
the HTTP input variable corresponding to the nonRepudiation bit and set
the bit accordingly. If the variable is set to true, the server sets the bit. If the
variable doesn't exist or if it is set to false (or any other value), the server
doesn't set the bit.
false
by the server. Note that
false
. For
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN