desc=This profile is for enrolling MS Login Certificate
enable=true
enableBy=admin
name=Token User MS Login Certificate Enrollment
visible=false
auth.instance_id=AgentCertAuth
input.list=i1
input.i1.class_id=nsNKeyCertReqInputImpl
input.i1.name=nsNKeyCertReqInputImpl
output.list=o1
output.o1.class_id=nsNKeyOutputImpl
output.o2.name=nsNKeyOutputImpl
policyset.list=set1
#policyset.set1.list=p2,p4,p5,p1,p6,p7,p8,p9,p12,p13,p14
policyset.set1.list=p2,p4,p5,p1,p6,p8,p9,p12,p13,p14,p15
policyset.set1.p1.constraint.class_id=noConstraintImpl
policyset.set1.p1.constraint.name=No Constraint
policyset.set1.p1.default.class_id=nsTokenUserKeySubjectNameDefaultImpl
policyset.set1.p1.default.name=nsTokenUserKeySubjectNameDefault
policyset.set1.p1.default.params.dnpattern=CN=uid=$request.uid$,E=$request.mail$, ou=$request.upn$, o=example
#changed ldap.enable to true to support SMIME
policyset.set1.p1.default.params.ldap.enable=true
policyset.set1.p1.default.params.ldap.searchName=uid
policyset.set1.p1.default.params.ldapStringAttributes=uid,mail,givenName,sn,upn
policyset.set1.p1.default.params.ldap.basedn=ou=People,dc=example,dc=com
policyset.set1.p1.default.params.ldap.maxConns=4
policyset.set1.p1.default.params.ldap.minConns=1
policyset.set1.p1.default.params.ldap.ldapconn.Version=2
policyset.set1.p1.default.params.ldap.ldapconn.host=localhost.localdomain
policyset.set1.p1.default.params.ldap.ldapconn.port=389
policyset.set1.p1.default.params.ldap.ldapconn.secureConn=false
policyset.set1.p2.constraint.class_id=noConstraintImpl
policyset.set1.p2.constraint.name=No Constraint
policyset.set1.p2.default.class_id=validityDefaultImpl
policyset.set1.p2.default.name=Validity Default
policyset.set1.p2.default.params.range=1825
policyset.set1.p2.default.params.startTime=0
policyset.set1.p4.constraint.class_id=noConstraintImpl
policyset.set1.p4.constraint.name=No Constraint
policyset.set1.p4.default.class_id=signingAlgDefaultImpl
policyset.set1.p4.default.name=Signing Algorithm Default
policyset.set1.p4.default.params.signingAlg=-
policyset.set1.p5.constraint.class_id=noConstraintImpl
policyset.set1.p5.constraint.name=No Constraint
policyset.set1.p5.default.class_id=keyUsageExtDefaultImpl
policyset.set1.p5.default.name=Key Usage Extension Default
policyset.set1.p5.default.params.keyUsageCritical=true
policyset.set1.p5.default.params.keyUsageCrlSign=false
policyset.set1.p5.default.params.keyUsageDataEncipherment=false
policyset.set1.p5.default.params.keyUsageDecipherOnly=false
policyset.set1.p5.default.params.keyUsageDigitalSignature=true
policyset.set1.p5.default.params.keyUsageEncipherOnly=false
policyset.set1.p5.default.params.keyUsageKeyAgreement=false
policyset.set1.p5.default.params.keyUsageKeyCertSign=false
policyset.set1.p5.default.params.keyUsageKeyEncipherment=false
policyset.set1.p5.default.params.keyUsageNonRepudiation=true
policyset.set1.p6.constraint.class_id=noConstraintImpl
policyset.set1.p6.constraint.name=No Constraint
policyset.set1.p6.default.class_id=subjectAltNameExtDefaultImpl
policyset.set1.p6.default.name=Subject Alternative Name Extension Default
policyset.set1.p6.default.params.subjAltExtGNEnable_0=true
policyset.set1.p6.default.params.subjAltExtGNEnable_1=true
policyset.set1.p6.default.params.subjAltExtGNEnable_2=false
policyset.set1.p6.default.params.subjAltExtGNEnable_3=false
policyset.set1.p6.default.params.subjAltExtGNEnable_4=false
policyset.set1.p6.default.params.subjAltExtPattern_0=$request.mail$
policyset.set1.p6.default.params.subjAltExtPattern_1=(UTF8String)1.3.6.1.4.1.311.20.2.3,$request.upn$
policyset.set1.p6.default.params.subjAltExtPattern_2=
policyset.set1.p6.default.params.subjAltExtPattern_3=
policyset.set1.p6.default.params.subjAltExtPattern_4=
policyset.set1.p6.default.params.subjAltExtType_0=RFC822Name
policyset.set1.p6.default.params.subjAltExtType_1=OtherName
policyset.set1.p6.default.params.subjAltExtType_2=RFC822Name
policyset.set1.p6.default.params.subjAltExtType_3=RFC822Name
policyset.set1.p6.default.params.subjAltExtType_4=RFC822Name
policyset.set1.p6.default.params.subjAltNameExtCritical=false
policyset.set1.p6.default.params.subjAltNameNumGNs=2
policyset.set1.p7.constraint.class_id=noConstraintImpl
policyset.set1.p7.constraint.name=No Constraint
policyset.set1.p7.default.class_id=certificatePoliciesExtDefaultImpl
policyset.set1.p7.default.name=Certificate Policies Extension Default
policyset.set1.p7.default.params.Critical=false
policyset.set1.p7.default.params.PoliciesExt.num=5
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.CPSURI.enable=true
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.explicitText.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.explicitText.value=
 policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
 policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.enable=false
 policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.explicitText.value=
 policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
 policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.explicitText.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
 policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.explicitText.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p8.constraint.class_id=noConstraintImpl
policyset.set1.p8.constraint.name=No Constraint
policyset.set1.p8.default.class_id=subjectKeyIdentifierExtDefaultImpl
policyset.set1.p8.default.name=Subject Key Identifier Default
policyset.set1.p9.constraint.class_id=noConstraintImpl
policyset.set1.p9.constraint.name=No Constraint
policyset.set1.p9.default.class_id=authorityKeyIdentifierExtDefaultImpl
policyset.set1.p9.default.name=Authority Key Identifier Extension Default
policyset.set1.p12.constraint.class_id=basicConstraintsExtConstraintImpl
policyset.set1.p12.constraint.name=Basic Constraints Extension Constraint
policyset.set1.p12.constraint.params.basicConstraintsCritical=-
policyset.set1.p12.constraint.params.basicConstraintsIsCA=-
policyset.set1.p12.constraint.params.basicConstraintsMaxPathLen=-1
policyset.set1.p12.constraint.params.basicConstraintsMinPathLen=-1
policyset.set1.p12.default.class_id=basicConstraintsExtDefaultImpl
policyset.set1.p12.default.name=Basic Constraints Extension Default
policyset.set1.p12.default.params.basicConstraintsCritical=false
policyset.set1.p12.default.params.basicConstraintsIsCA=false
policyset.set1.p12.default.params.basicConstraintsPathLen=-1
policyset.set1.p13.constraint.class_id=noConstraintImpl
policyset.set1.p13.constraint.name=No Constraint
policyset.set1.p13.default.class_id=crlDistributionPointsExtDefaultImpl
policyset.set1.p13.default.name=crlDistributionPointsExtDefaultImpl
policyset.set1.p13.default.params.crlDistPointsCritical=false
policyset.set1.p13.default.params.crlDistPointsNum=1
policyset.set1.p13.default.params.crlDistPointsEnable_0=true
policyset.set1.p13.default.params.crlDistPointsIssuerName_0=
policyset.set1.p13.default.params.crlDistPointsIssuerType_0=
policyset.set1.p13.default.params.crlDistPointsPointName_0=http://localhost.localdomain:9443/ca/ee/ca/getCRL?crlIssuingPoint=MasterCRL&op=getCRL
policyset.set1.p13.default.params.crlDistPointsPointType_0=URIName
policyset.set1.p13.default.params.crlDistPointsReasons_0=
policyset.set1.p14.constraint.class_id=noConstraintImpl
policyset.set1.p14.constraint.name=No Constraint
policyset.set1.p14.default.class_id=authInfoAccessExtDefaultImpl
policyset.set1.p14.default.name=AIA Extension Default
policyset.set1.p14.default.params.authInfoAccessADEnable_0=true
policyset.set1.p14.default.params.authInfoAccessADLocationType_0=URIName
policyset.set1.p14.default.params.authInfoAccessADLocation_0=http://localhost.localdomain:9443/ca/ocsp
policyset.set1.p14.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.1
policyset.set1.p14.default.params.authInfoAccessCritical=false
policyset.set1.p14.default.params.authInfoAccessNumADs=1
policyset.set1.p15.constraint.class_id=noConstraintImpl
policyset.set1.p15.constraint.name=No Constraint
policyset.set1.p15.default.class_id=extendedKeyUsageExtDefaultImpl
policyset.set1.p15.default.name=Extended Key Usage Extension Default
policyset.set1.p15.default.params.exKeyUsageCritical=false
policyset.set1.p15.default.params.exKeyUsageOIDs=1.3.6.1.5.5.7.3.2,1.3.6.1.4.1.311.20.2.2