summaryrefslogtreecommitdiffstats
path: root/pki/base/ca/shared/profiles/ca/caTokenUserSigningKeyEnrollment.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/ca/shared/profiles/ca/caTokenUserSigningKeyEnrollment.cfg')
-rw-r--r--pki/base/ca/shared/profiles/ca/caTokenUserSigningKeyEnrollment.cfg170
1 files changed, 170 insertions, 0 deletions
diff --git a/pki/base/ca/shared/profiles/ca/caTokenUserSigningKeyEnrollment.cfg b/pki/base/ca/shared/profiles/ca/caTokenUserSigningKeyEnrollment.cfg
new file mode 100644
index 000000000..ebc231808
--- /dev/null
+++ b/pki/base/ca/shared/profiles/ca/caTokenUserSigningKeyEnrollment.cfg
@@ -0,0 +1,170 @@
+desc=This profile is for enrolling Token Signing key
+enable=true
+enableBy=admin
+name=Token User Signing Certificate Enrollment
+visible=false
+auth.instance_id=AgentCertAuth
+input.list=i1
+input.i1.class_id=nsNKeyCertReqInputImpl
+input.i1.name=nsNKeyCertReqInputImpl
+output.list=o1
+output.o1.class_id=nsNKeyOutputImpl
+output.o2.name=nsNKeyOutputImpl
+policyset.list=set1
+#policyset.set1.list=p2,p4,p5,p1,p6,p7,p8,p9,p12,p13,p14
+policyset.set1.list=p2,p4,p5,p1,p6,p8,p9,p12
+policyset.set1.p1.constraint.class_id=noConstraintImpl
+policyset.set1.p1.constraint.name=No Constraint
+policyset.set1.p1.default.class_id=nsTokenUserKeySubjectNameDefaultImpl
+policyset.set1.p1.default.name=nsTokenUserKeySubjectNameDefault
+policyset.set1.p1.default.params.dnpattern=UID=$request.uid$, O=Token Key User
+#changed ldap.enable to true to support SMIME
+policyset.set1.p1.default.params.ldap.enable=false
+policyset.set1.p1.default.params.ldap.searchName=uid
+policyset.set1.p1.default.params.ldapStringAttributes=uid,mail
+policyset.set1.p1.default.params.ldap.basedn=
+policyset.set1.p1.default.params.ldap.maxConns=4
+policyset.set1.p1.default.params.ldap.minConns=1
+policyset.set1.p1.default.params.ldap.ldapconn.Version=2
+policyset.set1.p1.default.params.ldap.ldapconn.host=
+policyset.set1.p1.default.params.ldap.ldapconn.port=
+policyset.set1.p1.default.params.ldap.ldapconn.secureConn=false
+policyset.set1.p2.constraint.class_id=noConstraintImpl
+policyset.set1.p2.constraint.name=No Constraint
+policyset.set1.p2.default.class_id=validityDefaultImpl
+policyset.set1.p2.default.name=Validity Default
+policyset.set1.p2.default.params.range=1825
+policyset.set1.p2.default.params.startTime=0
+policyset.set1.p4.constraint.class_id=noConstraintImpl
+policyset.set1.p4.constraint.name=No Constraint
+policyset.set1.p4.default.class_id=signingAlgDefaultImpl
+policyset.set1.p4.default.name=Signing Algorithm Default
+policyset.set1.p4.default.params.signingAlg=-
+policyset.set1.p5.constraint.class_id=noConstraintImpl
+policyset.set1.p5.constraint.name=No Constraint
+policyset.set1.p5.default.class_id=keyUsageExtDefaultImpl
+policyset.set1.p5.default.name=Key Usage Extension Default
+policyset.set1.p5.default.params.keyUsageCritical=true
+policyset.set1.p5.default.params.keyUsageCrlSign=false
+policyset.set1.p5.default.params.keyUsageDataEncipherment=false
+policyset.set1.p5.default.params.keyUsageDecipherOnly=false
+policyset.set1.p5.default.params.keyUsageDigitalSignature=true
+policyset.set1.p5.default.params.keyUsageEncipherOnly=false
+policyset.set1.p5.default.params.keyUsageKeyAgreement=false
+policyset.set1.p5.default.params.keyUsageKeyCertSign=false
+policyset.set1.p5.default.params.keyUsageKeyEncipherment=false
+policyset.set1.p5.default.params.keyUsageNonRepudiation=true
+policyset.set1.p6.constraint.class_id=noConstraintImpl
+policyset.set1.p6.constraint.name=No Constraint
+policyset.set1.p6.default.class_id=subjectAltNameExtDefaultImpl
+policyset.set1.p6.default.name=Subject Alternative Name Extension Default
+policyset.set1.p6.default.params.subjAltExtGNEnable_0=true
+policyset.set1.p6.default.params.subjAltExtGNEnable_1=false
+policyset.set1.p6.default.params.subjAltExtGNEnable_2=false
+policyset.set1.p6.default.params.subjAltExtGNEnable_3=false
+policyset.set1.p6.default.params.subjAltExtGNEnable_4=false
+policyset.set1.p6.default.params.subjAltExtPattern_0=$request.mail$
+policyset.set1.p6.default.params.subjAltExtPattern_1=
+policyset.set1.p6.default.params.subjAltExtPattern_2=
+policyset.set1.p6.default.params.subjAltExtPattern_3=
+policyset.set1.p6.default.params.subjAltExtPattern_4=
+policyset.set1.p6.default.params.subjAltExtType_0=RFC822Name
+policyset.set1.p6.default.params.subjAltExtType_1=OtherName
+policyset.set1.p6.default.params.subjAltExtType_2=RFC822Name
+policyset.set1.p6.default.params.subjAltExtType_3=RFC822Name
+policyset.set1.p6.default.params.subjAltExtType_4=RFC822Name
+policyset.set1.p6.default.params.subjAltNameExtCritical=false
+policyset.set1.p6.default.params.subjAltNameNumGNs=1
+policyset.set1.p7.constraint.class_id=noConstraintImpl
+policyset.set1.p7.constraint.name=No Constraint
+policyset.set1.p7.default.class_id=certificatePoliciesExtDefaultImpl
+policyset.set1.p7.default.name=Certificate Policies Extension Default
+policyset.set1.p7.default.params.Critical=false
+policyset.set1.p7.default.params.PoliciesExt.num=5
+policyset.set1.p7.default.params.PoliciesExt.certPolicy0.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy0.policyId=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.CPSURI.enable=true
+policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.CPSURI.value=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.explicitText.value=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.noticeReference.organization=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy1.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy1.policyId=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.CPSURI.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.CPSURI.value=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.explicitText.value=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.noticeReference.organization=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy2.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy2.policyId=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.CPSURI.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.CPSURI.value=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.explicitText.value=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.noticeReference.organization=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy3.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy3.policyId=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.CPSURI.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.CPSURI.value=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.explicitText.value=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.noticeReference.organization=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy4.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy4.policyId=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.CPSURI.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.CPSURI.value=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.enable=false
+policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.explicitText.value=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
+policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.noticeReference.organization=
+policyset.set1.p8.constraint.class_id=noConstraintImpl
+policyset.set1.p8.constraint.name=No Constraint
+policyset.set1.p8.default.class_id=subjectKeyIdentifierExtDefaultImpl
+policyset.set1.p8.default.name=Subject Key Identifier Default
+policyset.set1.p9.constraint.class_id=noConstraintImpl
+policyset.set1.p9.constraint.name=No Constraint
+policyset.set1.p9.default.class_id=authorityKeyIdentifierExtDefaultImpl
+policyset.set1.p9.default.name=Authority Key Identifier Extension Default
+policyset.set1.10.constraint.class_id=renewGracePeriodConstraintImpl
+policyset.set1.10.constraint.name=Renewal Grace Period Constraint
+policyset.set1.10.constraint.params.renewal.graceBefore=30
+policyset.set1.10.constraint.params.renewal.graceAfter=30
+policyset.set1.10.default.class_id=noDefaultImpl
+policyset.set1.10.default.name=No Default
+policyset.set1.p12.constraint.class_id=basicConstraintsExtConstraintImpl
+policyset.set1.p12.constraint.name=Basic Constraints Extension Constraint
+policyset.set1.p12.constraint.params.basicConstraintsCritical=-
+policyset.set1.p12.constraint.params.basicConstraintsIsCA=-
+policyset.set1.p12.constraint.params.basicConstraintsMaxPathLen=-1
+policyset.set1.p12.constraint.params.basicConstraintsMinPathLen=-1
+policyset.set1.p12.default.class_id=basicConstraintsExtDefaultImpl
+policyset.set1.p12.default.name=Basic Constraints Extension Default
+policyset.set1.p12.default.params.basicConstraintsCritical=false
+policyset.set1.p12.default.params.basicConstraintsIsCA=false
+policyset.set1.p12.default.params.basicConstraintsPathLen=-1
+policyset.set1.p13.constraint.class_id=noConstraintImpl
+policyset.set1.p13.constraint.name=No Constraint
+policyset.set1.p13.default.class_id=crlDistributionPointsExtDefaultImpl
+policyset.set1.p13.default.name=crlDistributionPointsExtDefaultImpl
+policyset.set1.p13.default.params.crlDistPointsCritical=false
+policyset.set1.p13.default.params.crlDistPointsNum=1
+policyset.set1.p13.default.params.crlDistPointsEnable_0=false
+policyset.set1.p13.default.params.crlDistPointsIssuerName_0=
+policyset.set1.p13.default.params.crlDistPointsIssuerType_0=
+policyset.set1.p13.default.params.crlDistPointsPointName_0=
+policyset.set1.p13.default.params.crlDistPointsPointType_0=URIName
+policyset.set1.p13.default.params.crlDistPointsReasons_0=
+policyset.set1.p14.constraint.class_id=noConstraintImpl
+policyset.set1.p14.constraint.name=No Constraint
+policyset.set1.p14.default.class_id=authInfoAccessExtDefaultImpl
+policyset.set1.p14.default.name=AIA Extension Default
+policyset.set1.p14.default.params.authInfoAccessADEnable_0=false
+policyset.set1.p14.default.params.authInfoAccessADLocationType_0=URIName
+policyset.set1.p14.default.params.authInfoAccessADLocation_0=
+policyset.set1.p14.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.1
+policyset.set1.p14.default.params.authInfoAccessCritical=false
+policyset.set1.p14.default.params.authInfoAccessNumADs=1
generated by cgit (git 2.34.1) at 2024-04-18 17:28:17 +0000