summaryrefslogtreecommitdiffstats
path: root/pki/base/ca/shared/profiles/ca/caJarSigningCert.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/ca/shared/profiles/ca/caJarSigningCert.cfg')
-rw-r--r--pki/base/ca/shared/profiles/ca/caJarSigningCert.cfg86
1 files changed, 86 insertions, 0 deletions
diff --git a/pki/base/ca/shared/profiles/ca/caJarSigningCert.cfg b/pki/base/ca/shared/profiles/ca/caJarSigningCert.cfg
new file mode 100644
index 000000000..5ddf00776
--- /dev/null
+++ b/pki/base/ca/shared/profiles/ca/caJarSigningCert.cfg
@@ -0,0 +1,86 @@
+desc=This is an IPA profile for enrolling Jar Signing certificates.
+enable=true
+enableBy=admin
+name=Manual Jar Signing Certificate Enrollment
+visible=false
+auth.class_id=
+auth.instance_id=raCertAuth
+input.list=i1,i2
+input.i1.class_id=certReqInputImpl
+input.i2.class_id=submitterInfoInputImpl
+output.list=o1
+output.o1.class_id=certOutputImpl
+policyset.list=caJarSigningSet
+policyset.caJarSigningSet.list=1,2,3,4,5,6
+policyset.caJarSigningSet.1.constraint.class_id=subjectNameConstraintImpl
+policyset.caJarSigningSet.1.constraint.name=Subject Name Constraint
+policyset.caJarSigningSet.1.constraint.params.accept=true
+policyset.caJarSigningSet.1.constraint.params.pattern=.*
+policyset.caJarSigningSet.1.default.class_id=userSubjectNameDefaultImpl
+policyset.caJarSigningSet.1.default.name=Subject Name Default
+policyset.caJarSigningSet.1.default.params.name=
+policyset.caJarSigningSet.2.constraint.class_id=validityConstraintImpl
+policyset.caJarSigningSet.2.constraint.name=Validity Constraint
+policyset.caJarSigningSet.2.constraint.params.notAfterCheck=false
+policyset.caJarSigningSet.2.constraint.params.notBeforeCheck=false
+policyset.caJarSigningSet.2.constraint.params.range=2922
+policyset.caJarSigningSet.2.default.class_id=validityDefaultImpl
+policyset.caJarSigningSet.2.default.name=Validity Default
+policyset.caJarSigningSet.2.default.params.range=1461
+policyset.caJarSigningSet.2.default.params.startTime=60
+policyset.caJarSigningSet.3.constraint.class_id=keyConstraintImpl
+policyset.caJarSigningSet.3.constraint.name=Key Constraint
+policyset.caJarSigningSet.3.constraint.params.keyParameters=1024,2048,3072,4096
+policyset.caJarSigningSet.3.constraint.params.keyType=RSA
+policyset.caJarSigningSet.3.default.class_id=userKeyDefaultImpl
+policyset.caJarSigningSet.3.default.name=Key Default
+policyset.caJarSigningSet.4.constraint.class_id=keyUsageExtConstraintImpl
+policyset.caJarSigningSet.4.constraint.name=Key Usage Extension Constraint
+policyset.caJarSigningSet.4.constraint.params.keyUsageCritical=-
+policyset.caJarSigningSet.4.constraint.params.keyUsageCrlSign=-
+policyset.caJarSigningSet.4.constraint.params.keyUsageDataEncipherment=-
+policyset.caJarSigningSet.4.constraint.params.keyUsageDecipherOnly=-
+policyset.caJarSigningSet.4.constraint.params.keyUsageDigitalSignature=-
+policyset.caJarSigningSet.4.constraint.params.keyUsageEncipherOnly=-
+policyset.caJarSigningSet.4.constraint.params.keyUsageKeyAgreement=-
+policyset.caJarSigningSet.4.constraint.params.keyUsageKeyCertSign=-
+policyset.caJarSigningSet.4.constraint.params.keyUsageKeyEncipherment=-
+policyset.caJarSigningSet.4.constraint.params.keyUsageNonRepudiation=-
+policyset.caJarSigningSet.4.default.class_id=keyUsageExtDefaultImpl
+policyset.caJarSigningSet.4.default.name=Key Usage Default
+policyset.caJarSigningSet.4.default.params.keyUsageCritical=true
+policyset.caJarSigningSet.4.default.params.keyUsageCrlSign=false
+policyset.caJarSigningSet.4.default.params.keyUsageDataEncipherment=false
+policyset.caJarSigningSet.4.default.params.keyUsageDecipherOnly=false
+policyset.caJarSigningSet.4.default.params.keyUsageDigitalSignature=true
+policyset.caJarSigningSet.4.default.params.keyUsageEncipherOnly=false
+policyset.caJarSigningSet.4.default.params.keyUsageKeyAgreement=false
+policyset.caJarSigningSet.4.default.params.keyUsageKeyCertSign=true
+policyset.caJarSigningSet.4.default.params.keyUsageKeyEncipherment=false
+policyset.caJarSigningSet.4.default.params.keyUsageNonRepudiation=false
+policyset.caJarSigningSet.5.constraint.class_id=nsCertTypeExtConstraintImpl
+policyset.caJarSigningSet.5.constraint.name=Netscape Certificate Type Extension Constraint
+policyset.caJarSigningSet.5.constraint.params.nsCertCritical=-
+policyset.caJarSigningSet.5.constraint.params.nsCertEmail=-
+policyset.caJarSigningSet.5.constraint.params.nsCertEmailCA=-
+policyset.caJarSigningSet.5.constraint.params.nsCertObjectSigning=-
+policyset.caJarSigningSet.5.constraint.params.nsCertObjectSigningCA=-
+policyset.caJarSigningSet.5.constraint.params.nsCertSSLCA=-
+policyset.caJarSigningSet.5.constraint.params.nsCertSSLClient=-
+policyset.caJarSigningSet.5.constraint.params.nsCertSSLServer=-
+policyset.caJarSigningSet.5.default.class_id=nsCertTypeExtDefaultImpl
+policyset.caJarSigningSet.5.default.name=Netscape Certificate Type Extension Default
+policyset.caJarSigningSet.5.default.params.nsCertCritical=false
+policyset.caJarSigningSet.5.default.params.nsCertEmail=false
+policyset.caJarSigningSet.5.default.params.nsCertEmailCA=false
+policyset.caJarSigningSet.5.default.params.nsCertObjectSigning=true
+policyset.caJarSigningSet.5.default.params.nsCertObjectSigningCA=false
+policyset.caJarSigningSet.5.default.params.nsCertSSLCA=false
+policyset.caJarSigningSet.5.default.params.nsCertSSLClient=false
+policyset.caJarSigningSet.5.default.params.nsCertSSLServer=false
+policyset.caJarSigningSet.6.constraint.class_id=signingAlgConstraintImpl
+policyset.caJarSigningSet.6.constraint.name=No Constraint
+policyset.caJarSigningSet.6.constraint.params.signingAlgsAllowed=MD5withRSA,MD2withRSA,SHA1withRSA,SHA256withRSA,SHA512withRSA,SHA1withDSA,SHA1withEC,SHA256withEC,SHA384withEC,SHA512withEC
+policyset.caJarSigningSet.6.default.class_id=signingAlgDefaultImpl
+policyset.caJarSigningSet.6.default.name=Signing Alg
+policyset.caJarSigningSet.6.default.params.signingAlg=-