_000=##
_001=## Online Certificate Status Protocol (OCSP) Responder Configuration File
_002=##
pidDir=[PKI_PIDDIR]
pkicreate.pki_instance_root=[PKI_INSTANCE_ROOT]
pkicreate.pki_instance_name=[PKI_INSTANCE_ID]
pkicreate.subsystem_type=[PKI_SUBSYSTEM_TYPE]
pkicreate.agent_secure_port=[PKI_AGENT_SECURE_PORT]
pkicreate.ee_secure_port=[PKI_EE_SECURE_PORT]
pkicreate.admin_secure_port=[PKI_ADMIN_SECURE_PORT]
pkicreate.secure_port=[PKI_SECURE_PORT]
pkicreate.unsecure_port=[PKI_UNSECURE_PORT]
pkicreate.tomcat_server_port=[TOMCAT_SERVER_PORT]
pkicreate.user=[PKI_USER]
pkicreate.group=[PKI_GROUP]
pkicreate.systemd.servicename=[PKI_SYSTEMD_SERVICENAME]
pkiremove.cert.subsystem.nickname=subsystemCert cert-[PKI_INSTANCE_ID]
installDate=[INSTALL_TIME]
cs.type=OCSP
admin.interface.uri=ocsp/admin/console/config/wizard
agent.interface.uri=ocsp/agent/ocsp
preop.admin.name=Online Certificate Status Manager Administrator
preop.admin.group=Online Certificate Status Manager Agents
preop.admincert.profile=caAdminCert
preop.securitydomain.admin_url=https://[PKI_MACHINE_NAME]:9445
preop.wizard.name=OCSP Setup Wizard
preop.product.name=CS
preop.product.version=@APPLICATION_VERSION@
preop.system.name=OCSP
preop.system.fullname=OCSP Responder
proxy.securePort=[PKI_PROXY_SECURE_PORT]
proxy.unsecurePort=[PKI_PROXY_UNSECURE_PORT]
preop.configModules.module0.userFriendlyName=NSS Internal PKCS #11 Module
preop.configModules.module0.commonName=NSS Internal PKCS #11 Module
preop.configModules.module0.imagePath=/pki/images/clearpixel.gif
preop.configModules.module1.userFriendlyName=nCipher's nFast Token Hardware Module
preop.configModules.module1.commonName=nfast
preop.configModules.module1.imagePath=/pki/images/clearpixel.gif
preop.configModules.module2.userFriendlyName=SafeNet's LunaSA Token Hardware Module
preop.configModules.module2.commonName=lunasa
preop.configModules.module2.imagePath=/pki/images/clearpixel.gif
preop.configModules.count=3
preop.module.token=Internal Key Storage Token
ocsp.cert.list=signing,sslserver,subsystem,audit_signing
preop.cert.list=signing,sslserver,subsystem,audit_signing
preop.cert.rsalist=audit_signing
ocsp.cert.signing.certusage=StatusResponder
ocsp.cert.sslserver.certusage=SSLServer
ocsp.cert.subsystem.certusage=SSLClient
ocsp.cert.audit_signing.certusage=ObjectSigner
preop.cert.ocsp_signing.enable=true
preop.cert.sslserver.enable=true
preop.cert.subsystem.enable=true
preop.cert.audit_signing.enable=true
preop.cert.audit_signing.defaultSigningAlgorithm=SHA256withRSA
preop.cert.audit_signing.dn=CN=OCSP Audit Signing Certificate
preop.cert.audit_signing.keysize.custom_size=2048
preop.cert.audit_signing.keysize.size=2048
preop.cert.audit_signing.nickname=auditSigningCert cert-[PKI_INSTANCE_ID]
preop.cert.audit_signing.profile=caInternalAuthAuditSigningCert
preop.cert.audit_signing.signing.required=false
preop.cert.audit_signing.subsystem=ocsp
preop.cert.audit_signing.type=remote
preop.cert.audit_signing.userfriendlyname=OCSP Audit Signing Certificate
preop.cert.audit_signing.cncomponent.override=true
preop.cert.signing.defaultSigningAlgorithm=SHA256withRSA
preop.cert.signing.dn=CN=OCSP Signing Certificate
preop.cert.signing.keysize.custom_size=2048
preop.cert.signing.keysize.size=2048
preop.cert.signing.nickname=ocspSigningCert cert-[PKI_INSTANCE_ID]
preop.cert.signing.profile=caInternalAuthOCSPCert
preop.cert.signing.signing.required=true
preop.cert.signing.subsystem=ocsp
preop.cert.signing.type=remote
preop.cert.signing.userfriendlyname=OCSP Signing Certificate
preop.cert.signing.cncomponent.override=true
preop.cert.sslserver.defaultSigningAlgorithm=SHA256withRSA
preop.cert.sslserver.dn=CN=[PKI_MACHINE_NAME]
preop.cert.sslserver.keysize.custom_size=2048
preop.cert.sslserver.keysize.size=2048
preop.cert.sslserver.nickname=Server-Cert cert-[PKI_INSTANCE_ID]
preop.cert.sslserver.profile=caInternalAuthServerCert
preop.cert.sslserver.signing.required=false
preop.cert.sslserver.subsystem=ocsp
preop.cert.sslserver.type=remote
preop.cert.sslserver.userfriendlyname=SSL Server Certificate
preop.cert.sslserver.cncomponent.override=false
preop.cert.subsystem.defaultSigningAlgorithm=SHA256withRSA
preop.cert.subsystem.dn=CN=OCSP Subsystem Certificate
preop.cert.subsystem.keysize.custom_size=2048
preop.cert.subsystem.keysize.size=2048
preop.cert.subsystem.nickname=subsystemCert cert-[PKI_INSTANCE_ID]
preop.cert.subsystem.profile=caInternalAuthSubsystemCert
preop.cert.subsystem.signing.required=false
preop.cert.subsystem.subsystem=ocsp
preop.cert.subsystem.type=remote
preop.cert.subsystem.userfriendlyname=Subsystem Certificate
preop.cert.subsystem.cncomponent.override=true
cs.state=0
authType=pwd
instanceRoot=[PKI_INSTANCE_PATH]
configurationRoot=/[PKI_SUBSYSTEM_DIR]conf/
machineName=[PKI_MACHINE_NAME]
instanceId=[PKI_INSTANCE_ID]
service.machineName=[PKI_MACHINE_NAME]
service.instanceDir=[PKI_INSTANCE_ROOT]
service.securePort=[PKI_AGENT_SECURE_PORT]
service.non_clientauth_securePort=[PKI_EE_SECURE_PORT]
service.unsecurePort=[PKI_UNSECURE_PORT]
service.instanceID=[PKI_INSTANCE_ID]
preop.pin=[PKI_RANDOM_NUMBER]
passwordFile=[PKI_INSTANCE_PATH]/conf/password.conf
passwordClass=com.netscape.cmsutil.password.PlainPasswordFile
multiroles=true
multiroles.false.groupEnforceList=Administrators,Auditors,Trusted Managers,Certificate Manager Agents,Registration Manager Agents,Data Recovery Manager Agents,Online Certificate Status Manager Agents,Token Key Service Manager Agents,Enterprise CA Administrators,Enterprise KRA Adminstrators,Enterprise OCSP Administrators,Enterprise RA Administrators,Enterprise TKS Administrators,Enterprise TPS Administrators,Security Domain Administrators,Subsystem Group
CrossCertPair._000=##
CrossCertPair._001=## CrossCertPair Import
CrossCertPair._002=##
CrossCertPair.ldap=internaldb
accessEvaluator.impl.group.class=com.netscape.cms.evaluators.GroupAccessEvaluator
accessEvaluator.impl.ipaddress.class=com.netscape.cms.evaluators.IPAddressAccessEvaluator
accessEvaluator.impl.user.class=com.netscape.cms.evaluators.UserAccessEvaluator
auths._000=##
auths._001=## new authentication
auths._002=##
auths.impl._000=##
auths.impl._001=## authentication manager implementations
auths.impl._002=##
auths.impl.AgentCertAuth.class=com.netscape.cms.authentication.AgentCertAuthentication
auths.impl.CMCAuth.class=com.netscape.cms.authentication.CMCAuth
auths.impl.NISAuth.class=com.netscape.cms.authentication.NISAuth
auths.impl.PortalEnroll.class=com.netscape.cms.authentication.PortalEnroll
auths.impl.TokenAuth.class=com.netscape.cms.authentication.TokenAuthentication
auths.impl.UdnPwdDirAuth.class=com.netscape.cms.authentication.UdnPwdDirAuthentication
auths.impl.UidPwdDirAuth.class=com.netscape.cms.authentication.UidPwdDirAuthentication
auths.impl.UidPwdPinDirAuth.class=com.netscape.cms.authentication.UidPwdPinDirAuthentication
auths.instance.AgentCertAuth.agentGroup=Certificate Manager Agents
auths.instance.AgentCertAuth.pluginName=AgentCertAuth
auths.instance.TokenAuth.pluginName=TokenAuth
auths.revocationChecking.bufferSize=50
authz._000=##
authz._001=## new authorizatioin
authz._002=##
authz.evaluateOrder=deny,allow
authz.sourceType=ldap
authz.impl._000=##
authz.impl._001=## authorization manager implementations
authz.impl._002=##
authz.impl.BasicAclAuthz.class=com.netscape.cms.authorization.BasicAclAuthz
authz.impl.DirAclAuthz.class=com.netscape.cms.authorization.DirAclAuthz
authz.instance.BasicAclAuthz.pluginName=BasicAclAuthz
authz.instance.DirAclAuthz.ldap=internaldb
authz.instance.DirAclAuthz.pluginName=DirAclAuthz
authz.instance.DirAclAuthz.ldap._000=##
authz.instance.DirAclAuthz.ldap._001=## Internal Database
authz.instance.DirAclAuthz.ldap._002=##
cmc.cert.confirmRequired=false
cmc.lraPopWitness.verify.allow=true
cmc.revokeCert.verify=true
cmc.revokeCert.sharedSecret.class=com.netscape.cms.authentication.SharedSecret
cmc.sharedSecret.class=com.netscape.cms.authentication.SharedSecret
cms.version=@APPLICATION_VERSION_MAJOR@.@APPLICATION_VERSION_MINOR@
dbs.ldap=internaldb
dbs.newSchemaEntryAdded=true
debug.append=true
debug.enabled=true
debug.filename=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_DIR]debug
debug.hashkeytypes=
debug.level=0
debug.showcaller=false
keys.ecc.curve.list=nistp256,nistp384,nistp521,sect163k1,nistk163,sect163r1,sect163r2,nistb163,sect193r1,sect193r2,sect233k1,nistk233,sect233r1,nistb233,sect239k1,sect283k1,nistk283,sect283r1,nistb283,sect409k1,nistk409,sect409r1,nistb409,sect571k1,nistk571,sect571r1,nistb571,secp160k1,secp160r1,secp160r2,secp192k1,secp192r1,nistp192,secp224k1,secp224r1,nistp224,secp256k1,secp256r1,secp384r1,secp521r1,prime192v1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2
keys.ecc.curve.display.list=nistp256 (secp256r1),nistp384 (secp384r1),nistp521 (secp521r1),nistk163 (sect163k1),sect163r1,nistb163 (sect163r2),sect193r1,sect193r2,nistk233 (sect233k1),nistb233 (sect233r1),sect239k1,nistk283 (sect283k1),nistb283 (sect283r1),nistk409 (sect409k1),nistb409 (sect409r1),nistk571 (sect571k1),nistb571 (sect571r1),secp160k1,secp160r1,secp160r2,secp192k1,nistp192 (secp192r1, prime192v1),secp224k1,nistp224 (secp224r1),secp256k1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2
keys.ecc.curve.default=nistp256
keys.rsa.keysize.default=2048
internaldb._000=##
internaldb._001=## Internal Database
internaldb._002=##
internaldb.maxConns=15
internaldb.minConns=3
internaldb.ldapauth.authtype=BasicAuth
internaldb.ldapauth.bindDN=cn=Directory Manager
internaldb.ldapauth.bindPWPrompt=Internal LDAP Database
internaldb.ldapauth.clientCertNickname=
internaldb.ldapconn.host=
internaldb.ldapconn.port=
internaldb.ldapconn.secureConn=false
preop.internaldb.schema.ldif=/usr/share/pki/ocsp/conf/schema.ldif
preop.internaldb.ldif=/usr/share/pki/ocsp/conf/database.ldif
preop.internaldb.data_ldif=/usr/share/pki/ocsp/conf/db.ldif,/usr/share/pki/ocsp/conf/acl.ldif
preop.internaldb.index_ldif=/usr/share/pki/ocsp/conf/index.ldif
preop.internaldb.manager_ldif=/usr/share/pki/ca/conf/manager.ldif
preop.internaldb.post_ldif=
preop.internaldb.wait_dn=
internaldb.multipleSuffix.enable=false
jss._000=##
jss._001=## JSS
jss._002=##
jss.configDir=[PKI_INSTANCE_PATH]/alias/
jss.enable=true
jss.secmodName=secmod.db
jss.ocspcheck.enable=false
jss.ssl.cipherfortezza=true
jss.ssl.cipherpref=
jss.ssl.cipherversion=cipherdomestic
log._000=##
log._001=## Logging
log._002=##
log.impl.file.class=com.netscape.cms.logging.RollingLogFile
log.instance.SignedAudit._000=##
log.instance.SignedAudit._001=## Signed Audit Logging
log.instance.SignedAudit._002=##
log.instance.SignedAudit._003=##
log.instance.SignedAudit._004=## Available Audit events:
log.instance.SignedAudit._005=## AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,LOG_EXPIRATION_CHANGE,PRIVATE_KEY_ARCHIVE_REQUEST,PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,KEY_RECOVERY_REQUEST,KEY_RECOVERY_REQUEST_ASYNC,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_REQUEST_PROCESSED,KEY_RECOVERY_REQUEST_PROCESSED_ASYNC,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,PROFILE_CERT_REQUEST,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS,SERVER_SIDE_KEYGEN_REQUEST,COMPUTE_SESSION_KEY_REQUEST,COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS, COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE,DIVERSIFY_KEY_REQUEST,DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS, DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE,ENCRYPT_DATA_REQUEST,ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS,ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE,OCSP_ADD_CA_REQUEST,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_REMOVE_CA_REQUEST,OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS,OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE,COMPUTE_RANDOM_DATA_REQUEST,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE,CIMC_CERT_VERIFICATION
log.instance.SignedAudit._006=##
log.instance.SignedAudit.bufferSize=512
log.instance.SignedAudit.enable=true
log.instance.SignedAudit.events=AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,PRIVATE_KEY_ARCHIVE_REQUEST,PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,KEY_RECOVERY_REQUEST,KEY_RECOVERY_REQUEST_ASYNC,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_REQUEST_PROCESSED,KEY_RECOVERY_REQUEST_PROCESSED_ASYNC,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,PROFILE_CERT_REQUEST,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS,SERVER_SIDE_KEYGEN_REQUEST,,COMPUTE_SESSION_KEY_REQUEST,COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS, COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE,DIVERSIFY_KEY_REQUEST,DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS, DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE,ENCRYPT_DATA_REQUEST,ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS,ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE,OCSP_ADD_CA_REQUEST,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_REMOVE_CA_REQUEST,OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS,OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE,COMPUTE_RANDOM_DATA_REQUEST,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE,CIMC_CERT_VERIFICATION
log.instance.SignedAudit.expirationTime=0
log.instance.SignedAudit.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_DIR]signedAudit/ocsp_cert-ocsp_audit
log.instance.SignedAudit.flushInterval=5
log.instance.SignedAudit.level=1
log.instance.SignedAudit.logSigning=false
log.instance.SignedAudit.maxFileSize=2000
log.instance.SignedAudit.pluginName=file
log.instance.SignedAudit.rolloverInterval=2592000
log.instance.SignedAudit.signedAudit:_000=##
log.instance.SignedAudit.signedAudit:_001=## Fill in the nickname of a trusted signing certificate to allow OCSP audit logs to be signed
log.instance.SignedAudit.signedAudit:_002=##
log.instance.SignedAudit.signedAuditCertNickname=auditSigningCert cert-[PKI_INSTANCE_ID]
log.instance.SignedAudit.type=signedAudit
log.instance.System._000=##
log.instance.System._001=## System Logging
log.instance.System._002=##
log.instance.System.bufferSize=512
log.instance.System.enable=true
log.instance.System.expirationTime=0
log.instance.System.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_DIR]system
log.instance.System.flushInterval=5
log.instance.System.level=3
log.instance.System.maxFileSize=2000
log.instance.System.pluginName=file
log.instance.System.rolloverInterval=2592000
log.instance.System.type=system
log.instance.Transactions._000=##
log.instance.Transactions._001=## Transaction Logging
log.instance.Transactions._002=##
log.instance.Transactions.bufferSize=512
log.instance.Transactions.enable=true
log.instance.Transactions.expirationTime=0
log.instance.Transactions.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_DIR]transactions
log.instance.Transactions.flushInterval=5
log.instance.Transactions.level=1
log.instance.Transactions.maxFileSize=2000
log.instance.Transactions.pluginName=file
log.instance.Transactions.rolloverInterval=2592000
log.instance.Transactions.type=transaction
logAudit.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_DIR]access
logError.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_DIR]error
ocsp.certNickname=
ocsp.storeId=defStore
ocsp.signing.certnickname=
ocsp.signing.defaultSigningAlgorithm=SHA256withRSA
ocsp.signing.tokenname=internal
ocsp.store.defStore.class=com.netscape.cms.ocsp.DefStore
ocsp.store.defStore.includeNextUpdate=false
ocsp.store.defStore.notFoundAsGood=true
ocsp.store.ldapStore.class=com.netscape.cms.ocsp.LDAPStore
oidmap.auth_info_access.class=netscape.security.extensions.AuthInfoAccessExtension
oidmap.auth_info_access.oid=1.3.6.1.5.5.7.1.1
oidmap.challenge_password.class=com.netscape.cms.servlet.cert.scep.ChallengePassword
oidmap.challenge_password.oid=1.2.840.113549.1.9.7
oidmap.extended_key_usage.class=netscape.security.extensions.ExtendedKeyUsageExtension
oidmap.extended_key_usage.oid=2.5.29.37
oidmap.extensions_requested_pkcs9.class=com.netscape.cms.servlet.cert.scep.ExtensionsRequested
oidmap.extensions_requested_pkcs9.oid=1.2.840.113549.1.9.14
oidmap.extensions_requested_vsgn.class=com.netscape.cms.servlet.cert.scep.ExtensionsRequested
oidmap.extensions_requested_vsgn.oid=2.16.840.1.113733.1.9.8
oidmap.netscape_comment.class=netscape.security.x509.NSCCommentExtension
oidmap.netscape_comment.oid=2.16.840.1.113730.1.13
oidmap.ocsp_no_check.class=netscape.security.extensions.OCSPNoCheckExtension
oidmap.ocsp_no_check.oid=1.3.6.1.5.5.7.48.1.5
oidmap.pse.class=netscape.security.extensions.PresenceServerExtension
oidmap.pse.oid=2.16.840.1.113730.1.18
oidmap.subject_info_access.class=netscape.security.extensions.SubjectInfoAccessExtension
oidmap.subject_info_access.oid=1.3.6.1.5.5.7.1.11
os.serverName=cert-[PKI_INSTANCE_ID]
os.userid=nobody
registry.file=[PKI_INSTANCE_PATH]/conf/registry.cfg
selftests._000=##
selftests._001=## Self Tests
selftests._002=##
selftests._003=## The Self-Test plugin SystemCertsVerification uses the
selftests._004=## following parameters (where certusage is optional):
selftests._005=## ocsp.cert.list = <list of cert tag names deliminated by ",">
selftests._006=## ocsp.cert.<cert tag name>.nickname
selftests._007=## ocsp.cert.<cert tag name>.certusage
selftests._008=##
selftests.container.instance.OCSPPresence=com.netscape.cms.selftests.ocsp.OCSPPresence
selftests.container.instance.OCSPValidity=com.netscape.cms.selftests.ocsp.OCSPValidity
selftests.container.instance.SystemCertsVerification=com.netscape.cms.selftests.common.SystemCertsVerification
selftests.container.logger.bufferSize=512
selftests.container.logger.class=com.netscape.cms.logging.RollingLogFile
selftests.container.logger.enable=true
selftests.container.logger.expirationTime=0
selftests.container.logger.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_DIR]selftests.log
selftests.container.logger.flushInterval=5
selftests.container.logger.level=1
selftests.container.logger.maxFileSize=2000
selftests.container.logger.register=false
selftests.container.logger.rolloverInterval=2592000
selftests.container.logger.type=transaction
selftests.container.order.onDemand=OCSPPresence:critical, SystemCertsVerification:critical, OCSPValidity:critical
selftests.container.order.startup=OCSPPresence:critical, SystemCertsVerification:critical
selftests.plugin.OCSPPresence.OcspSubId=ocsp
selftests.plugin.OCSPValidity.OcspSubId=ocsp
selftests.plugin.SystemCertsVerification.SubId=ocsp
smtp.host=localhost
smtp.port=25
subsystem.0.class=com.netscape.ocsp.OCSPAuthority
subsystem.0.id=ocsp
subsystem.1.class=com.netscape.cmscore.selftests.SelfTestSubsystem
subsystem.1.id=selftests
subsystem.2.class=com.netscape.cmscore.util.StatsSubsystem
subsystem.2.id=stats
usrgrp._000=##
usrgrp._001=## User/Group
usrgrp._002=##
usrgrp.ldap=internaldb
multiroles._000=##
multiroles._001=## multiroles
multiroles._002=##
multiroles.enable=true
multiroles.false.groupEnforceList=Administrators,Auditors,Trusted Managers,Certificate Manager Agents,Registration Manager Agents,Data Recovery Manager Agents,Online Certificate Status Manager Agents,Token Key Service Manager Agents,Enterprise CA Administrators,Enterprise KRA Administrators,Enterprise OCSP Administrators,Enterprise RA Administrators,Enterprise TKS Administrators,Enterprise TPS Administrators,Security Domain Administrators,Subsystem Group,ClonedSubsystems