summaryrefslogtreecommitdiffstats
path: root/pki/base/ca/shared/profiles/ca/caOtherCert.cfg
diff options
context:
space:
mode:
authormharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2011-10-04 01:17:41 +0000
committermharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2011-10-04 01:17:41 +0000
commita4682ceae6774956461edd03b2485bbacea445f4 (patch)
tree94c475a125441da63101738220ce3972cf37db61 /pki/base/ca/shared/profiles/ca/caOtherCert.cfg
parent0c775428675d2cb1be9551f84e6b741ca813f77e (diff)
downloadpki-IPA_v2_RHEL_6_2_20111003.tar.gz
pki-IPA_v2_RHEL_6_2_20111003.tar.xz
pki-IPA_v2_RHEL_6_2_20111003.zip
Bugzilla Bug #688225 - (dogtagIPAv2.1) TRACKER: of the Dogtag fixes for freeIPA 2.1IPA_v2_RHEL_6_2_20111003
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/tags/IPA_v2_RHEL_6_2_20111003@2252 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/ca/shared/profiles/ca/caOtherCert.cfg')
-rw-r--r--pki/base/ca/shared/profiles/ca/caOtherCert.cfg85
1 files changed, 85 insertions, 0 deletions
diff --git a/pki/base/ca/shared/profiles/ca/caOtherCert.cfg b/pki/base/ca/shared/profiles/ca/caOtherCert.cfg
new file mode 100644
index 000000000..305a37b92
--- /dev/null
+++ b/pki/base/ca/shared/profiles/ca/caOtherCert.cfg
@@ -0,0 +1,85 @@
+desc=This certificate profile is for enrolling other certificates.
+visible=true
+enable=true
+enableBy=admin
+auth.class_id=
+name=Other Certificate Enrollment
+input.list=i1,i2
+input.i1.class_id=certReqInputImpl
+input.i2.class_id=submitterInfoInputImpl
+output.list=o1
+output.o1.class_id=certOutputImpl
+policyset.list=otherCertSet
+policyset.otherCertSet.list=1,2,3,4,5,6,7,8
+policyset.otherCertSet.1.constraint.class_id=subjectNameConstraintImpl
+policyset.otherCertSet.1.constraint.name=Subject Name Constraint
+policyset.otherCertSet.1.constraint.params.pattern=CN=.*
+policyset.otherCertSet.1.constraint.params.accept=true
+policyset.otherCertSet.1.default.class_id=userSubjectNameDefaultImpl
+policyset.otherCertSet.1.default.name=Subject Name Default
+policyset.otherCertSet.1.default.params.name=
+policyset.otherCertSet.2.constraint.class_id=validityConstraintImpl
+policyset.otherCertSet.2.constraint.name=Validity Constraint
+policyset.otherCertSet.2.constraint.params.range=720
+policyset.otherCertSet.2.constraint.params.notBeforeCheck=false
+policyset.otherCertSet.2.constraint.params.notAfterCheck=false
+policyset.otherCertSet.2.default.class_id=validityDefaultImpl
+policyset.otherCertSet.2.default.name=Validity Default
+policyset.otherCertSet.2.default.params.range=720
+policyset.otherCertSet.2.default.params.startTime=0
+policyset.otherCertSet.3.constraint.class_id=keyConstraintImpl
+policyset.otherCertSet.3.constraint.name=Key Constraint
+policyset.otherCertSet.3.constraint.params.keyType=RSA
+policyset.otherCertSet.3.constraint.params.keyParameters=1024,2048,3072,4096
+policyset.otherCertSet.3.default.class_id=userKeyDefaultImpl
+policyset.otherCertSet.3.default.name=Key Default
+policyset.otherCertSet.4.constraint.class_id=noConstraintImpl
+policyset.otherCertSet.4.constraint.name=No Constraint
+policyset.otherCertSet.4.default.class_id=authorityKeyIdentifierExtDefaultImpl
+policyset.otherCertSet.4.default.name=Authority Key Identifier Default
+policyset.otherCertSet.5.constraint.class_id=noConstraintImpl
+policyset.otherCertSet.5.constraint.name=No Constraint
+policyset.otherCertSet.5.default.class_id=authInfoAccessExtDefaultImpl
+policyset.otherCertSet.5.default.name=AIA Extension Default
+policyset.otherCertSet.5.default.params.authInfoAccessADEnable_0=true
+policyset.otherCertSet.5.default.params.authInfoAccessADLocationType_0=URIName
+policyset.otherCertSet.5.default.params.authInfoAccessADLocation_0=
+policyset.otherCertSet.5.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.1
+policyset.otherCertSet.5.default.params.authInfoAccessCritical=false
+policyset.otherCertSet.5.default.params.authInfoAccessNumADs=1
+policyset.otherCertSet.6.constraint.class_id=keyUsageExtConstraintImpl
+policyset.otherCertSet.6.constraint.name=Key Usage Extension Constraint
+policyset.otherCertSet.6.constraint.params.keyUsageCritical=true
+policyset.otherCertSet.6.constraint.params.keyUsageDigitalSignature=true
+policyset.otherCertSet.6.constraint.params.keyUsageNonRepudiation=true
+policyset.otherCertSet.6.constraint.params.keyUsageDataEncipherment=true
+policyset.otherCertSet.6.constraint.params.keyUsageKeyEncipherment=true
+policyset.otherCertSet.6.constraint.params.keyUsageKeyAgreement=false
+policyset.otherCertSet.6.constraint.params.keyUsageKeyCertSign=false
+policyset.otherCertSet.6.constraint.params.keyUsageCrlSign=false
+policyset.otherCertSet.6.constraint.params.keyUsageEncipherOnly=false
+policyset.otherCertSet.6.constraint.params.keyUsageDecipherOnly=false
+policyset.otherCertSet.6.default.class_id=keyUsageExtDefaultImpl
+policyset.otherCertSet.6.default.name=Key Usage Default
+policyset.otherCertSet.6.default.params.keyUsageCritical=true
+policyset.otherCertSet.6.default.params.keyUsageDigitalSignature=true
+policyset.otherCertSet.6.default.params.keyUsageNonRepudiation=true
+policyset.otherCertSet.6.default.params.keyUsageDataEncipherment=true
+policyset.otherCertSet.6.default.params.keyUsageKeyEncipherment=true
+policyset.otherCertSet.6.default.params.keyUsageKeyAgreement=false
+policyset.otherCertSet.6.default.params.keyUsageKeyCertSign=false
+policyset.otherCertSet.6.default.params.keyUsageCrlSign=false
+policyset.otherCertSet.6.default.params.keyUsageEncipherOnly=false
+policyset.otherCertSet.6.default.params.keyUsageDecipherOnly=false
+policyset.otherCertSet.7.constraint.class_id=noConstraintImpl
+policyset.otherCertSet.7.constraint.name=No Constraint
+policyset.otherCertSet.7.default.class_id=extendedKeyUsageExtDefaultImpl
+policyset.otherCertSet.7.default.name=Extended Key Usage Extension Default
+policyset.otherCertSet.7.default.params.exKeyUsageCritical=false
+policyset.otherCertSet.7.default.params.exKeyUsageOIDs=1.3.6.1.5.5.7.3.1
+policyset.otherCertSet.8.constraint.class_id=signingAlgConstraintImpl
+policyset.otherCertSet.8.constraint.name=No Constraint
+policyset.otherCertSet.8.constraint.params.signingAlgsAllowed=SHA1withRSA,SHA256withRSA,SHA512withRSA,MD5withRSA,MD2withRSA,SHA1withDSA,SHA1withEC,SHA256withEC,SHA384withEC,SHA512withEC
+policyset.otherCertSet.8.default.class_id=signingAlgDefaultImpl
+policyset.otherCertSet.8.default.name=Signing Alg
+policyset.otherCertSet.8.default.params.signingAlg=-