Chapter 12. Certificate Profiles
270
Parameter
Description
For example,
0:0:0:0:0:0:13.1.68.3
,
FF01::43
,
0:0:0:0:0:0:13.1.68.3,FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:255.255.255.0
,
and
FF01::43,FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FF00:0000
.
• For
OIDName
, the value must be a unique, valid OID
specified in dot-separated numeric component notation. For
example,
1.2.3.4.55.6.5.99
.
•
OtherName
is used for names with any other format;
this supports
PrintableString
,
IA5String
,
UTF8String
,
BMPString
,
Any
, and
KerberosName
.
PrintableString
,
IA5String
,
UTF8String
,
BMPString
, and
Any
set a string to a base-64 encoded
file specifying the subtree, such as
/var/lib/rhpki-
ca/othername.txt
.
KerberosName
has the format
Realm|NameType|NameStrings
, such as
realm1|0|
userID1,userID2
.
PermittedSubtreeEnable_
n
Select
true
to enable this permitted subtree entry.
ExcludedSubtrees
n
.min
Specifies the minimum number of excluded subtrees.
•
-1
specifies that the field should not be set in the extension.
•
0
specifies that the minimum number of subtrees is zero.
•
n
must be an integer that is greater than zero. This sets the
minimum number of required subtrees.
ExcludedSubtreeMax_
n
Specifies the maximum number of excluded subtrees.
•
-1
specifies that the field should not be set in the extension.
•
0
specifies that the maximum number of subtrees is zero.
•
n
must be an integer that is greater than zero. This sets the
maximum number of allowed subtrees.
ExcludedSubtreeNameChoice_
n
Specifies the general name type for the excluded subtree to
include in the extension. The permissible values are as follows:
• RFC822Name
• DirectoryName
• DNSName
• EDIPartyName
• URIName
• IPAddress
• OIDName
• OtherName
Содержание CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE
Страница 36: ...Chapter 1 Overview 16 Figure 1 4 Certificate System Architecture ...
Страница 144: ...124 ...
Страница 160: ...140 ...
Страница 208: ...188 ...
Страница 210: ...190 ...
Страница 256: ...236 ...
Страница 282: ...Chapter 12 Certificate Profiles 262 Parameter IssuerName_n IssuerType_n ...
Страница 285: ...Freshest CRL Extension Default 265 Parameter PointName_n PointIssuerName_n ...
Страница 335: ...Configuring Mappers 315 Figure 14 9 Selecting a New Mapper Type 6 Edit the mapper instance and click OK ...
Страница 362: ...342 ...
Страница 376: ...356 ...
Страница 436: ...416 ...
Страница 490: ...470 ...
Страница 504: ...484 ...