summaryrefslogtreecommitdiffstats
path: root/pki/base/ca/shared/profiles/ca/DomainController.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/ca/shared/profiles/ca/DomainController.cfg')
-rw-r--r--pki/base/ca/shared/profiles/ca/DomainController.cfg130
1 files changed, 130 insertions, 0 deletions
diff --git a/pki/base/ca/shared/profiles/ca/DomainController.cfg b/pki/base/ca/shared/profiles/ca/DomainController.cfg
new file mode 100644
index 000000000..81cba3214
--- /dev/null
+++ b/pki/base/ca/shared/profiles/ca/DomainController.cfg
@@ -0,0 +1,130 @@
+desc=This profile is for enrolling Domain Controller Certificate
+enable=true
+enableBy=admin
+name=Domain Controller
+visible=true
+auth.instance_id=AgentCertAuth
+input.list=i1,i2,i3
+input.i1.class_id=certReqInputImpl
+input.i2.class_id=submitterInfoInputImpl
+input.i3.class_id=genericInputImpl
+input.i3.params.gi_display_name0=ccm
+input.i3.params.gi_param_enable0=true
+input.i3.params.gi_param_name0=ccm
+input.i3.params.gi_display_name1=GUID
+input.i3.params.gi_param_enable1=true
+input.i3.params.gi_param_name1=GUID
+input.i3.params.gi_num=2
+output.list=o1,o2
+output.o1.class_id=certOutputImpl
+output.o2.class_id=pkcs7OutputImpl
+policyset.list=set1
+policyset.set1.list=p2,p4,p5,subj,p6,p8,p9,p12,eku,gen,crldp
+policyset.set1.subj.constraint.class_id=noConstraintImpl
+policyset.set1.subj.constraint.name=No Constraint
+policyset.set1.subj.default.class_id=nsTokenUserKeySubjectNameDefaultImpl
+policyset.set1.subj.default.name=nsTokenUserKeySubjectNameDefault
+#policyset.set1.p1.default.params.dnpattern=UID=$request.uid$, E=$request.mail$, O=Token Key User
+#policyset.set1.subj.default.params.dnpattern=CN=GEMSTAR,OU=Domain Controllers,DC=test,dc=local
+policyset.set1.subj.default.params.dnpattern=CN=$request.ccm$
+policyset.set1.subj.default.params.ldap.enable=false
+policyset.set1.subj.default.params.ldap.searchName=uid
+policyset.set1.subj.default.params.ldapStringAttributes=uid,mail
+policyset.set1.subj.default.params.ldap.basedn=
+policyset.set1.subj.default.params.ldap.maxConns=4
+policyset.set1.subj.default.params.ldap.minConns=1
+policyset.set1.subj.default.params.ldap.ldapconn.Version=2
+policyset.set1.subj.default.params.ldap.ldapconn.host=
+policyset.set1.subj.default.params.ldap.ldapconn.port=
+policyset.set1.subj.default.params.ldap.ldapconn.secureConn=false
+policyset.set1.p2.constraint.class_id=noConstraintImpl
+policyset.set1.p2.constraint.name=No Constraint
+policyset.set1.p2.default.class_id=validityDefaultImpl
+policyset.set1.p2.default.name=Validity Default
+policyset.set1.p2.default.params.range=1825
+policyset.set1.p2.default.params.startTime=0
+policyset.set1.p4.constraint.class_id=noConstraintImpl
+policyset.set1.p4.constraint.name=No Constraint
+policyset.set1.p4.default.class_id=signingAlgDefaultImpl
+policyset.set1.p4.default.name=Signing Algorithm Default
+policyset.set1.p4.default.params.signingAlg=-
+policyset.set1.p5.constraint.class_id=noConstraintImpl
+policyset.set1.p5.constraint.name=No Constraint
+policyset.set1.p5.default.class_id=keyUsageExtDefaultImpl
+policyset.set1.p5.default.name=Key Usage Extension Default
+policyset.set1.p5.default.params.keyUsageCritical=true
+policyset.set1.p5.default.params.keyUsageCrlSign=false
+policyset.set1.p5.default.params.keyUsageDataEncipherment=false
+policyset.set1.p5.default.params.keyUsageDecipherOnly=false
+policyset.set1.p5.default.params.keyUsageDigitalSignature=true
+policyset.set1.p5.default.params.keyUsageEncipherOnly=false
+policyset.set1.p5.default.params.keyUsageKeyAgreement=false
+policyset.set1.p5.default.params.keyUsageKeyCertSign=false
+policyset.set1.p5.default.params.keyUsageKeyEncipherment=true
+policyset.set1.p5.default.params.keyUsageNonRepudiation=false
+policyset.set1.p6.constraint.class_id=noConstraintImpl
+policyset.set1.p6.constraint.name=No Constraint
+policyset.set1.p6.default.class_id=subjectAltNameExtDefaultImpl
+policyset.set1.p6.default.name=Subject Alternative Name Extension Default
+policyset.set1.p6.default.params.subjAltExtGNEnable_0=true
+policyset.set1.p6.default.params.subjAltExtGNEnable_1=true
+policyset.set1.p6.default.params.subjAltExtPattern_0=$request.ccm$
+policyset.set1.p6.default.params.subjAltExtType_0=DNSName
+policyset.set1.p6.default.params.subjAltExtPattern_1=(Any)1.3.6.1.4.1.311.25.1,0410$request.GUID$
+policyset.set1.p6.default.params.subjAltExtType_1=OtherName
+policyset.set1.p6.default.params.subjAltNameExtCritical=false
+policyset.set1.p6.default.params.subjAltNameNumGNs=2
+policyset.set1.5.constraint.class_id=noConstraintImpl
+policyset.set1.5.constraint.name=No Constraint
+policyset.set1.5.default.class_id=authInfoAccessExtDefaultImpl
+policyset.set1.5.default.name=AIA Extension Default
+policyset.set1.5.default.params.authInfoAccessADEnable_0=true
+policyset.set1.5.default.params.authInfoAccessADLocationType_0=URIName
+policyset.set1.5.default.params.authInfoAccessADLocation_0=http://localhost.localdomain:9180/ca/ee/ca/getCRL?crlIssuingPoint=MasterCRL&op=getCRL&crlDisplayType=cachedCRL&submit=Submit
+policyset.set1.5.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.2
+policyset.set1.5.default.params.authInfoAccessCritical=false
+policyset.set1.5.default.params.authInfoAccessNumADs=1
+policyset.set1.eku.constraint.class_id=noConstraintImpl
+policyset.set1.eku.constraint.name=No Constraint
+policyset.set1.eku.default.class_id=extendedKeyUsageExtDefaultImpl
+policyset.set1.eku.default.name=Extended Key Usage Extension Default
+policyset.set1.eku.default.params.exKeyUsageCritical=false
+policyset.set1.eku.default.params.exKeyUsageOIDs=1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2
+policyset.set1.p8.constraint.class_id=noConstraintImpl
+policyset.set1.p8.constraint.name=No Constraint
+policyset.set1.p8.default.class_id=subjectKeyIdentifierExtDefaultImpl
+policyset.set1.p8.default.name=Subject Key Identifier Default
+policyset.set1.p9.constraint.class_id=noConstraintImpl
+policyset.set1.p9.constraint.name=No Constraint
+policyset.set1.p9.default.class_id=authorityKeyIdentifierExtDefaultImpl
+policyset.set1.p9.default.name=Authority Key Identifier Extension Default
+policyset.set1.p12.constraint.class_id=basicConstraintsExtConstraintImpl
+policyset.set1.p12.constraint.name=Basic Constraints Extension Constraint
+policyset.set1.p12.constraint.params.basicConstraintsCritical=-
+policyset.set1.p12.constraint.params.basicConstraintsIsCA=-
+policyset.set1.p12.constraint.params.basicConstraintsMaxPathLen=-1
+policyset.set1.p12.constraint.params.basicConstraintsMinPathLen=-1
+policyset.set1.p12.default.class_id=basicConstraintsExtDefaultImpl
+policyset.set1.p12.default.name=Basic Constraints Extension Default
+policyset.set1.p12.default.params.basicConstraintsCritical=false
+policyset.set1.p12.default.params.basicConstraintsIsCA=false
+policyset.set1.p12.default.params.basicConstraintsPathLen=-1
+policyset.set1.crldp.constraint.class_id=noConstraintImpl
+policyset.set1.crldp.constraint.name=No Constraint
+policyset.set1.crldp.default.class_id=crlDistributionPointsExtDefaultImpl
+policyset.set1.crldp.default.name=crlDistributionPointsExtDefaultImpl
+policyset.set1.crldp.default.params.crlDistPointsCritical=false
+policyset.set1.crldp.default.params.crlDistPointsNum=1
+policyset.set1.crldp.default.params.crlDistPointsEnable_0=true
+policyset.set1.crldp.default.params.crlDistPointsIssuerName_0=
+policyset.set1.crldp.default.params.crlDistPointsIssuerType_0=
+policyset.set1.crldp.default.params.crlDistPointsPointName_0=http://localhost.localdomain:9180/ca/ee/ca/getCRL?crlIssuingPoint=MasterCRL&op=getCRL&crlDisplayType=cachedCRL&submit=Submit
+policyset.set1.crldp.default.params.crlDistPointsPointType_0=URIName
+policyset.set1.crldp.default.params.crlDistPointsReasons_0=
+policyset.set1.gen.constraint.class_id=noConstraintImpl
+policyset.set1.gen.constraint.name=No Constraint
+policyset.set1.gen.default.class_id=genericExtDefaultImpl
+policyset.set1.gen.default.name=Generic Extension
+#This is the Microsoft 'Certificate Template Name' Extensions. The Value is 'DomainController'
+policyset.set1.gen.default.params.genericExtOID=1.3.6.1.4.1.311.20.2
+policyset.set1.gen.default.params.genericExtData=1e200044006f006d00610069006e0043006f006e00740072006f006c006c00650072
generated by cgit (git 2.34.1) at 2024-04-26 13:05:44 +0000