PrivateKeyUsagePeriodExt Plug-in Module
Chapter
4
Certificate Extension Plug-in Modules
229
The private key usage period extension policy in Certificate Management System
allows setting of the private key usage period extension as defined in its X.509
definition. The policy enables you to specify values for the
notBefore
and
notAfter
components. When included in a certificate, the
notBefore
and
notAfter
components define the time before and after which the private key
associated with the certificate should not be used to sign objects.
Configuration Parameters of
PrivateKeyUsagePeriodExt
In the CMS configuration file, the
PrivateKeyUsagePeriodExt
module is
identified as
<subsystem>.Policy.impl.PrivateKeyUsagePeriodExt.class=
com.netscape.cms.policy.PrivateKeyUsagePeriodExt
, where
<subsystem>
is
ca
or
ra
(prefix identifying the subsystem).
In the CMS window, the module is identified as
PrivateKeyUsagePeriodExt
.
Figure 4-25 shows how the configurable parameters for the module are displayed
in the CMS window.
Figure 4-25
Parameters defined in the PrivateKeyUsagePeriodExt module
The configuration shown in Figure 4-25 creates a policy rule named
PrivKeyUsagePrdExtForClientCert
, which enforces a rule that the server should
set the private key usage period extension in client certificates.
Summary of Contents for Certificate Management System 6.0
Page 1: ...Plug Ins Guide Netscape Certificate Management System Version6 0 March 2002...
Page 10: ...10 Netscape Certificate Management System Plug Ins Guide March 2002...
Page 62: ...Enrollment Forms 62 Netscape Certificate Management System Plug Ins Guide March 2002...
Page 308: ...NTEventLog Plug in Module 308 Netscape Certificate Management System Plug Ins Guide March 2002...