AuthorityKeyIdentifierExt Plug-in Module
142
Netscape Certificate Management System Plug-Ins Guide • March 2002
❍
Uses the SHA-1 hash of the CA’s subject public key information as the key
identifier. This option is compatible with Netscape Communicator when
the CA does not have a subject public key identifier extension.
❍
Does not set the authority key identifier extension.
•
Adds a authority key identifier extension to an enrollment request if the
extension does not already exist. If the extension exists in the request, for
example from a CRMF request, the policy replaces the extension. In case of
manual enrollments, after an agent approves the enrollment request, the policy
accepts any authority key identifier extension that is already there.
During installation, Certificate Management System automatically creates an
instance of the authority key identifier extension policy. See
“AuthorityKeyIdentifierExt Rule” on page 144.
Configuration Parameters of
AuthorityKeyIdentifierExt
In the CMS configuration file, the
AuthorityKeyIdentifierExt
module is
identified as
ca.Policy.impl.AuthorityKeyIdentifierExt.class=
com.netscape.cms.policy.AuthorityKeyIdentifierExt
.
In the CMS window, the module is identified as
AuthorityKeyIdentifierExt
.
Figure 4-3 shows how the configurable parameters for the module are displayed in
the CMS window.
Figure 4-3
Parameters defined in the AuthorityKeyIdentifierExt module
Summary of Contents for Certificate Management System 6.0
Page 1: ...Plug Ins Guide Netscape Certificate Management System Version6 0 March 2002...
Page 10: ...10 Netscape Certificate Management System Plug Ins Guide March 2002...
Page 62: ...Enrollment Forms 62 Netscape Certificate Management System Plug Ins Guide March 2002...
Page 308: ...NTEventLog Plug in Module 308 Netscape Certificate Management System Plug Ins Guide March 2002...