Extension-Specific Policy Module Reference
562
Netscape Certificate Management System Administrator’s Guide • February 2003
SubjectKeyIdentifierExt
The
SubjectKeyIdentifierExt
plug-in module enables you to add the Subject Key
Identifier Extension to certificates. The extension is used to identify certificates that
contain a particular public key—that is, the extension is used to uniquely identify a
certificate from among several that have the same subject name.
critical
Specifies whether the extension should be marked critical or noncritical. Select
to mark critical, deselect to mark noncritical (default).
numAttributes
Specifies the total number of directory attributes to be contained or allowed in
the extension.
You can configure the server to include up to three attributes in the extension.
By default, this field is set to its maximum value,
3
, and the UI shows fields for
configuring three attributes. You can change the total number of attributes by
changing the value of this parameter. Each set of configuration parameters is
distinguished by
<n>
, which is an integer derived from the value you assign in
this field. For example, if you set the
numAttributes
parameter to 2,
<n>
would be
0
and
1
.
attribute<n>.attrib
uteName
Specifies the name of the directory attribute whose value is to be included in
the extension.
Permissible values:
TITLE
,
O
,
OU
,
L
,
E
,
C
,
GIVENNAME
,
DC
,
UID
,
CN
,
UNSTRUCTUREDNAME
,
GENERATIONQUALIFIER
,
ST
,
DNQUALIFIER
,
SN
,
,
UNSTRUCTUREDADDRESS
,
STREET
,
SERIALNUMBER
, and
INITIALS
. The list
may show any additional attributes that you may have added.
attribute<n>.whereT
oGetValue
Specifies where to get the value for the selected directory attribute.
• Select
Request Attribute
if you want the server to read the value from
the request attribute.
• Select
Fixed Value
if you want to specify a fixed value for the attribute.
Note that both the options require you to enter the value for the attribute in the
attribute<n>.value
field. The server will set the extension with this value
in all certificates specified by the
predicate
parameter.
attribute<n>.value
Specifies the value for the directory attribute to be included in the extension.
Permissible value: A string value for the attribute selected.
Example:
Member of Technical Staff
Table 11-40
SubjectDirectoryAttributesExt Configuration Parameters (Continued)
Parameter
Description
Summary of Contents for Certificate Management System 6.1
Page 1: ...Administrator s Guide Netscape Certificate Management System Version6 1 February 2003...
Page 28: ...Documentation 28 Netscape Certificate Management System Administrator s Guide February 2003...
Page 82: ...Uninstalling CMS 82 Netscape Certificate Management System Administrator s Guide February 2003...
Page 382: ...ACL Reference 382 Netscape Certificate Management System Administrator s Guide February 2003...
Page 794: ...Managing Certificates 794 Managing Servers with Netscape Console December 2001...
Page 810: ...The SSL Handshake 810 Managing Servers with Netscape Console December 2001...
Page 828: ...828 Netscape Certificate Management System Administrator s Guide February 2003...