Table of Contents
Advertisement
•
Extension Constraint, see "Extension Constraint," on page 473
•
No Constraints, see "No Constraint," on page 475.
Table 10-5 Extended Key Usage Extension Default Configuration Parameters
Parameter
Critical
OIDs
Freshest CRL Extension Default
This default populates the Freshest CRL extension in the certificate request. The
Freshest CRL Extension Default
Manager to set the FreshestCRL Extension in certificate.
You can define the following constraints with this default:
•
Extension Constraint, see "Extension Constraint," on page 473.
•
No Constraints, see "No Constraint," on page 475.
This default allows you to define 5 locations and specify parameters for each
location. The parameters are marked with an
parameter is associated with one of the five possible locations.
Description
Select true to mark this extension critical; select false to mark the
extension noncritical.
Specifies the OID that identifies a key-usage purpose.
Permissible values: A unique, valid OID specified in the
dot-separated numeric component notation. Depending on the
key-usage purposes, you may choose to use the OIDs designated
by PKIX (listed in Table 10-4 on page 452) or define your own
OIDs. If you're defining your own OID, it should be in the
registered subtree of IDs reserved for your company's use.
Although you can invent your own OIDs for the purposes of
evaluating and testing this server, in a production environment,
you should comply with the ISO rules for defining OIDs and for
registering subtrees of IDs. See
Identifiers"
for information on allocating private OIDs.
Example: 2.16.840.1.113730.1.99
enables you to configure a Certificate
Appendix H, "Object
in the table to distinguish that the
<n>
Chapter 10
Certificate Profiles
Defaults Reference
453
Advertisement
Table of Contents
