_000=## _001=## Online Certificate Status Protocol (OCSP) Responder Configuration File _002=## pkicreate.pki_instance_root=[PKI_INSTANCE_ROOT] pkicreate.pki_instance_name=[PKI_INSTANCE_ID] pkicreate.subsystem_type=[PKI_SUBSYSTEM_TYPE] pkicreate.agent_secure_port=[PKI_AGENT_SECURE_PORT] pkicreate.ee_secure_port=[PKI_EE_SECURE_PORT] pkicreate.admin_secure_port=[PKI_ADMIN_SECURE_PORT] pkicreate.secure_port=[PKI_SECURE_PORT] pkicreate.unsecure_port=[PKI_UNSECURE_PORT] pkicreate.tomcat_server_port=[TOMCAT_SERVER_PORT] pkicreate.user=[PKI_USER] pkicreate.group=[PKI_GROUP] pkicreate.systemd.servicename=[PKI_SYSTEMD_SERVICENAME] pkiremove.cert.subsystem.nickname=subsystemCert cert-[PKI_INSTANCE_ID] installDate=[INSTALL_TIME] cs.type=OCSP admin.interface.uri=ocsp/admin/console/config/wizard agent.interface.uri=ocsp/agent/ocsp preop.admin.name=Online Certificate Status Manager Administrator preop.admin.group=Online Certificate Status Manager Agents preop.admincert.profile=caAdminCert preop.securitydomain.admin_url=https://[PKI_MACHINE_NAME]:9445 preop.wizard.name=OCSP Setup Wizard preop.product.name=CS preop.product.version=@VERSION@ preop.system.name=OCSP preop.system.fullname=OCSP Responder proxy.securePort=[PKI_PROXY_SECURE_PORT] proxy.unsecurePort=[PKI_PROXY_UNSECURE_PORT] preop.configModules.module0.userFriendlyName=NSS Internal PKCS #11 Module preop.configModules.module0.commonName=NSS Internal PKCS #11 Module preop.configModules.module0.imagePath=../img/clearpixel.gif preop.configModules.module1.userFriendlyName=nCipher's nFast Token Hardware Module preop.configModules.module1.commonName=nfast preop.configModules.module1.imagePath=../img/clearpixel.gif preop.configModules.module2.userFriendlyName=SafeNet's LunaSA Token Hardware Module preop.configModules.module2.commonName=lunasa preop.configModules.module2.imagePath=../img/clearpixel.gif preop.configModules.count=3 preop.module.token=Internal Key Storage Token ocsp.cert.list=signing,sslserver,subsystem,audit_signing preop.cert.list=signing,sslserver,subsystem,audit_signing preop.cert.rsalist=audit_signing ocsp.cert.signing.certusage=StatusResponder ocsp.cert.sslserver.certusage=SSLServer ocsp.cert.subsystem.certusage=SSLClient ocsp.cert.audit_signing.certusage=ObjectSigner preop.cert.ocsp_signing.enable=true preop.cert.sslserver.enable=true preop.cert.subsystem.enable=true preop.cert.audit_signing.enable=true preop.cert.audit_signing.defaultSigningAlgorithm=SHA256withRSA preop.cert.audit_signing.dn=CN=OCSP Audit Signing Certificate preop.cert.audit_signing.keysize.custom_size=2048 preop.cert.audit_signing.keysize.size=2048 preop.cert.audit_signing.nickname=auditSigningCert cert-[PKI_INSTANCE_ID] preop.cert.audit_signing.profile=caInternalAuthAuditSigningCert preop.cert.audit_signing.signing.required=false preop.cert.audit_signing.subsystem=ocsp preop.cert.audit_signing.type=remote preop.cert.audit_signing.userfriendlyname=OCSP Audit Signing Certificate preop.cert.audit_signing.cncomponent.override=true preop.cert.signing.defaultSigningAlgorithm=SHA256withRSA preop.cert.signing.dn=CN=OCSP Signing Certificate preop.cert.signing.keysize.custom_size=2048 preop.cert.signing.keysize.size=2048 preop.cert.signing.nickname=ocspSigningCert cert-[PKI_INSTANCE_ID] preop.cert.signing.profile=caInternalAuthOCSPCert preop.cert.signing.signing.required=true preop.cert.signing.subsystem=ocsp preop.cert.signing.type=remote preop.cert.signing.userfriendlyname=OCSP Signing Certificate preop.cert.signing.cncomponent.override=true preop.cert.sslserver.defaultSigningAlgorithm=SHA256withRSA preop.cert.sslserver.dn=CN=[PKI_MACHINE_NAME] preop.cert.sslserver.keysize.custom_size=2048 preop.cert.sslserver.keysize.size=2048 preop.cert.sslserver.nickname=Server-Cert cert-[PKI_INSTANCE_ID] preop.cert.sslserver.profile=caInternalAuthServerCert preop.cert.sslserver.signing.required=false preop.cert.sslserver.subsystem=ocsp preop.cert.sslserver.type=remote preop.cert.sslserver.userfriendlyname=SSL Server Certificate preop.cert.sslserver.cncomponent.override=false preop.cert.subsystem.defaultSigningAlgorithm=SHA256withRSA preop.cert.subsystem.dn=CN=OCSP Subsystem Certificate preop.cert.subsystem.keysize.custom_size=2048 preop.cert.subsystem.keysize.size=2048 preop.cert.subsystem.nickname=subsystemCert cert-[PKI_INSTANCE_ID] preop.cert.subsystem.profile=caInternalAuthSubsystemCert preop.cert.subsystem.signing.required=false preop.cert.subsystem.subsystem=ocsp preop.cert.subsystem.type=remote preop.cert.subsystem.userfriendlyname=Subsystem Certificate preop.cert.subsystem.cncomponent.override=true cs.state=0 authType=pwd instanceRoot=[PKI_INSTANCE_PATH] machineName=[PKI_MACHINE_NAME] instanceId=[PKI_INSTANCE_ID] service.machineName=[PKI_MACHINE_NAME] service.instanceDir=[PKI_INSTANCE_ROOT] service.securePort=[PKI_AGENT_SECURE_PORT] service.non_clientauth_securePort=[PKI_EE_SECURE_PORT] service.unsecurePort=[PKI_UNSECURE_PORT] service.instanceID=[PKI_INSTANCE_ID] preop.pin=[PKI_RANDOM_NUMBER] passwordFile=[PKI_INSTANCE_PATH]/conf/password.conf passwordClass=com.netscape.cmsutil.password.PlainPasswordFile multiroles=true multiroles.false.groupEnforceList=Administrators,Auditors,Trusted Managers,Certificate Manager Agents,Registration Manager Agents,Data Recovery Manager Agents,Online Certificate Status Manager Agents,Token Key Service Manager Agents,Enterprise CA Administrators,Enterprise KRA Adminstrators,Enterprise OCSP Administrators,Enterprise RA Administrators,Enterprise TKS Administrators,Enterprise TPS Administrators,Security Domain Administrators,Subsystem Group CrossCertPair._000=## CrossCertPair._001=## CrossCertPair Import CrossCertPair._002=## CrossCertPair.ldap=internaldb accessEvaluator.impl.group.class=com.netscape.cms.evaluators.GroupAccessEvaluator accessEvaluator.impl.ipaddress.class=com.netscape.cms.evaluators.IPAddressAccessEvaluator accessEvaluator.impl.user.class=com.netscape.cms.evaluators.UserAccessEvaluator auths._000=## auths._001=## new authentication auths._002=## auths.impl._000=## auths.impl._001=## authentication manager implementations auths.impl._002=## auths.impl.AgentCertAuth.class=com.netscape.cms.authentication.AgentCertAuthentication auths.impl.CMCAuth.class=com.netscape.cms.authentication.CMCAuth auths.impl.NISAuth.class=com.netscape.cms.authentication.NISAuth auths.impl.PortalEnroll.class=com.netscape.cms.authentication.PortalEnroll auths.impl.TokenAuth.class=com.netscape.cms.authentication.TokenAuthentication auths.impl.UdnPwdDirAuth.class=com.netscape.cms.authentication.UdnPwdDirAuthentication auths.impl.UidPwdDirAuth.class=com.netscape.cms.authentication.UidPwdDirAuthentication auths.impl.UidPwdPinDirAuth.class=com.netscape.cms.authentication.UidPwdPinDirAuthentication auths.instance.AgentCertAuth.agentGroup=Certificate Manager Agents auths.instance.AgentCertAuth.pluginName=AgentCertAuth auths.instance.TokenAuth.pluginName=TokenAuth auths.revocationChecking.bufferSize=50 authz._000=## authz._001=## new authorizatioin authz._002=## authz.evaluateOrder=deny,allow authz.sourceType=ldap authz.impl._000=## authz.impl._001=## authorization manager implementations authz.impl._002=## authz.impl.BasicAclAuthz.class=com.netscape.cms.authorization.BasicAclAuthz authz.impl.DirAclAuthz.class=com.netscape.cms.authorization.DirAclAuthz authz.instance.BasicAclAuthz.pluginName=BasicAclAuthz authz.instance.DirAclAuthz.ldap=internaldb authz.instance.DirAclAuthz.pluginName=DirAclAuthz authz.instance.DirAclAuthz.ldap._000=## authz.instance.DirAclAuthz.ldap._001=## Internal Database authz.instance.DirAclAuthz.ldap._002=## cmc.cert.confirmRequired=false cmc.lraPopWitness.verify.allow=true cmc.revokeCert.verify=true cmc.revokeCert.sharedSecret.class=com.netscape.cms.authentication.SharedSecret cmc.sharedSecret.class=com.netscape.cms.authentication.SharedSecret cms.version=@MAJOR_VERSION@.@MINOR_VERSION@ dbs.ldap=internaldb dbs.newSchemaEntryAdded=true debug.append=true debug.enabled=true debug.filename=[PKI_INSTANCE_PATH]/logs/debug debug.hashkeytypes= debug.level=0 debug.showcaller=false keys.ecc.curve.list=nistp256,nistp384,nistp521,sect163k1,nistk163,sect163r1,sect163r2,nistb163,sect193r1,sect193r2,sect233k1,nistk233,sect233r1,nistb233,sect239k1,sect283k1,nistk283,sect283r1,nistb283,sect409k1,nistk409,sect409r1,nistb409,sect571k1,nistk571,sect571r1,nistb571,secp160k1,secp160r1,secp160r2,secp192k1,secp192r1,nistp192,secp224k1,secp224r1,nistp224,secp256k1,secp256r1,secp384r1,secp521r1,prime192v1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2 keys.ecc.curve.display.list=nistp256 (secp256r1),nistp384 (secp384r1),nistp521 (secp521r1),nistk163 (sect163k1),sect163r1,nistb163 (sect163r2),sect193r1,sect193r2,nistk233 (sect233k1),nistb233 (sect233r1),sect239k1,nistk283 (sect283k1),nistb283 (sect283r1),nistk409 (sect409k1),nistb409 (sect409r1),nistk571 (sect571k1),nistb571 (sect571r1),secp160k1,secp160r1,secp160r2,secp192k1,nistp192 (secp192r1, prime192v1),secp224k1,nistp224 (secp224r1),secp256k1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2 keys.ecc.curve.default=nistp256 keys.rsa.keysize.default=2048 internaldb._000=## internaldb._001=## Internal Database internaldb._002=## internaldb.maxConns=15 internaldb.minConns=3 internaldb.ldapauth.authtype=BasicAuth internaldb.ldapauth.bindDN=cn=Directory Manager internaldb.ldapauth.bindPWPrompt=Internal LDAP Database internaldb.ldapauth.clientCertNickname= internaldb.ldapconn.host= internaldb.ldapconn.port= internaldb.ldapconn.secureConn=false preop.internaldb.schema.ldif=/usr/share/[PKI_FLAVOR]/ocsp/conf/schema.ldif preop.internaldb.ldif=/usr/share/[PKI_FLAVOR]/ocsp/conf/database.ldif preop.internaldb.data_ldif=/usr/share/[PKI_FLAVOR]/ocsp/conf/db.ldif,/usr/share/[PKI_FLAVOR]/ocsp/conf/acl.ldif preop.internaldb.index_ldif=/usr/share/[PKI_FLAVOR]/ocsp/conf/index.ldif preop.internaldb.manager_ldif=/usr/share/[PKI_FLAVOR]/ca/conf/manager.ldif preop.internaldb.post_ldif= preop.internaldb.wait_dn= internaldb.multipleSuffix.enable=false jss._000=## jss._001=## JSS jss._002=## jss.configDir=[PKI_INSTANCE_PATH]/alias/ jss.enable=true jss.secmodName=secmod.db jss.ocspcheck.enable=false jss.ssl.cipherfortezza=true jss.ssl.cipherpref= jss.ssl.cipherversion=cipherdomestic log._000=## log._001=## Logging log._002=## log.impl.file.class=com.netscape.cms.logging.RollingLogFile log.instance.SignedAudit._000=## log.instance.SignedAudit._001=## Signed Audit Logging log.instance.SignedAudit._002=## log.instance.SignedAudit._003=## log.instance.SignedAudit._004=## Available Audit events: log.instance.SignedAudit._005=## AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,LOG_EXPIRATION_CHANGE,PRIVATE_KEY_ARCHIVE_REQUEST,PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,KEY_RECOVERY_REQUEST,KEY_RECOVERY_REQUEST_ASYNC,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_REQUEST_PROCESSED,KEY_RECOVERY_REQUEST_PROCESSED_ASYNC,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,PROFILE_CERT_REQUEST,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS,SERVER_SIDE_KEYGEN_REQUEST,COMPUTE_SESSION_KEY_REQUEST,COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS, COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE,DIVERSIFY_KEY_REQUEST,DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS, DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE,ENCRYPT_DATA_REQUEST,ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS,ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE,OCSP_ADD_CA_REQUEST,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_REMOVE_CA_REQUEST,OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS,OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE,COMPUTE_RANDOM_DATA_REQUEST,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE,CIMC_CERT_VERIFICATION log.instance.SignedAudit._006=## log.instance.SignedAudit.bufferSize=512 log.instance.SignedAudit.enable=true log.instance.SignedAudit.events=AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,PRIVATE_KEY_ARCHIVE_REQUEST,PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,KEY_RECOVERY_REQUEST,KEY_RECOVERY_REQUEST_ASYNC,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_REQUEST_PROCESSED,KEY_RECOVERY_REQUEST_PROCESSED_ASYNC,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,PROFILE_CERT_REQUEST,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS,SERVER_SIDE_KEYGEN_REQUEST,,COMPUTE_SESSION_KEY_REQUEST,COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS, COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE,DIVERSIFY_KEY_REQUEST,DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS, DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE,ENCRYPT_DATA_REQUEST,ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS,ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE,OCSP_ADD_CA_REQUEST,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_REMOVE_CA_REQUEST,OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS,OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE,COMPUTE_RANDOM_DATA_REQUEST,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE,CIMC_CERT_VERIFICATION log.instance.SignedAudit.expirationTime=0 log.instance.SignedAudit.fileName=[PKI_INSTANCE_PATH]/logs/signedAudit/ocsp_cert-ocsp_audit log.instance.SignedAudit.flushInterval=5 log.instance.SignedAudit.level=1 log.instance.SignedAudit.logSigning=false log.instance.SignedAudit.maxFileSize=2000 log.instance.SignedAudit.pluginName=file log.instance.SignedAudit.rolloverInterval=2592000 log.instance.SignedAudit.signedAudit:_000=## log.instance.SignedAudit.signedAudit:_001=## Fill in the nickname of a trusted signing certificate to allow OCSP audit logs to be signed log.instance.SignedAudit.signedAudit:_002=## log.instance.SignedAudit.signedAuditCertNickname=auditSigningCert cert-[PKI_INSTANCE_ID] log.instance.SignedAudit.type=signedAudit log.instance.System._000=## log.instance.System._001=## System Logging log.instance.System._002=## log.instance.System.bufferSize=512 log.instance.System.enable=true log.instance.System.expirationTime=0 log.instance.System.fileName=[PKI_INSTANCE_PATH]/logs/system log.instance.System.flushInterval=5 log.instance.System.level=3 log.instance.System.maxFileSize=2000 log.instance.System.pluginName=file log.instance.System.rolloverInterval=2592000 log.instance.System.type=system log.instance.Transactions._000=## log.instance.Transactions._001=## Transaction Logging log.instance.Transactions._002=## log.instance.Transactions.bufferSize=512 log.instance.Transactions.enable=true log.instance.Transactions.expirationTime=0 log.instance.Transactions.fileName=[PKI_INSTANCE_PATH]/logs/transactions log.instance.Transactions.flushInterval=5 log.instance.Transactions.level=1 log.instance.Transactions.maxFileSize=2000 log.instance.Transactions.pluginName=file log.instance.Transactions.rolloverInterval=2592000 log.instance.Transactions.type=transaction logAudit.fileName=[PKI_INSTANCE_PATH]/logs/access logError.fileName=[PKI_INSTANCE_PATH]/logs/error ocsp.certNickname= ocsp.storeId=defStore ocsp.signing.certnickname= ocsp.signing.defaultSigningAlgorithm=SHA256withRSA ocsp.signing.tokenname=internal ocsp.store.defStore.class=com.netscape.cms.ocsp.DefStore ocsp.store.defStore.includeNextUpdate=false ocsp.store.defStore.notFoundAsGood=true ocsp.store.ldapStore.class=com.netscape.cms.ocsp.LDAPStore oidmap.auth_info_access.class=netscape.security.extensions.AuthInfoAccessExtension oidmap.auth_info_access.oid=1.3.6.1.5.5.7.1.1 oidmap.challenge_password.class=com.netscape.cms.servlet.cert.scep.ChallengePassword oidmap.challenge_password.oid=1.2.840.113549.1.9.7 oidmap.extended_key_usage.class=netscape.security.extensions.ExtendedKeyUsageExtension oidmap.extended_key_usage.oid=2.5.29.37 oidmap.extensions_requested_pkcs9.class=com.netscape.cms.servlet.cert.scep.ExtensionsRequested oidmap.extensions_requested_pkcs9.oid=1.2.840.113549.1.9.14 oidmap.extensions_requested_vsgn.class=com.netscape.cms.servlet.cert.scep.ExtensionsRequested oidmap.extensions_requested_vsgn.oid=2.16.840.1.113733.1.9.8 oidmap.netscape_comment.class=netscape.security.x509.NSCCommentExtension oidmap.netscape_comment.oid=2.16.840.1.113730.1.13 oidmap.ocsp_no_check.class=netscape.security.extensions.OCSPNoCheckExtension oidmap.ocsp_no_check.oid=1.3.6.1.5.5.7.48.1.5 oidmap.pse.class=netscape.security.extensions.PresenceServerExtension oidmap.pse.oid=2.16.840.1.113730.1.18 oidmap.subject_info_access.class=netscape.security.extensions.SubjectInfoAccessExtension oidmap.subject_info_access.oid=1.3.6.1.5.5.7.1.11 os.serverName=cert-[PKI_INSTANCE_ID] os.userid=nobody registry.file=[PKI_INSTANCE_PATH]/conf/registry.cfg selftests._000=## selftests._001=## Self Tests selftests._002=## selftests._003=## The Self-Test plugin SystemCertsVerification uses the selftests._004=## following parameters (where certusage is optional): selftests._005=## ocsp.cert.list = selftests._006=## ocsp.cert..nickname selftests._007=## ocsp.cert..certusage selftests._008=## selftests.container.instance.OCSPPresence=com.netscape.cms.selftests.ocsp.OCSPPresence selftests.container.instance.OCSPValidity=com.netscape.cms.selftests.ocsp.OCSPValidity selftests.container.instance.SystemCertsVerification=com.netscape.cms.selftests.common.SystemCertsVerification selftests.container.logger.bufferSize=512 selftests.container.logger.class=com.netscape.cms.logging.RollingLogFile selftests.container.logger.enable=true selftests.container.logger.expirationTime=0 selftests.container.logger.fileName=[PKI_INSTANCE_PATH]/logs/selftests.log selftests.container.logger.flushInterval=5 selftests.container.logger.level=1 selftests.container.logger.maxFileSize=2000 selftests.container.logger.register=false selftests.container.logger.rolloverInterval=2592000 selftests.container.logger.type=transaction selftests.container.order.onDemand=OCSPPresence:critical, SystemCertsVerification:critical, OCSPValidity:critical selftests.container.order.startup=OCSPPresence:critical, SystemCertsVerification:critical selftests.plugin.OCSPPresence.OcspSubId=ocsp selftests.plugin.OCSPValidity.OcspSubId=ocsp selftests.plugin.SystemCertsVerification.SubId=ocsp smtp.host=localhost smtp.port=25 subsystem.0.class=com.netscape.ocsp.OCSPAuthority subsystem.0.id=ocsp subsystem.1.class=com.netscape.cmscore.selftests.SelfTestSubsystem subsystem.1.id=selftests subsystem.2.class=com.netscape.cmscore.util.StatsSubsystem subsystem.2.id=stats usrgrp._000=## usrgrp._001=## User/Group usrgrp._002=## usrgrp.ldap=internaldb multiroles._000=## multiroles._001=## multiroles multiroles._002=## multiroles.enable=true multiroles.false.groupEnforceList=Administrators,Auditors,Trusted Managers,Certificate Manager Agents,Registration Manager Agents,Data Recovery Manager Agents,Online Certificate Status Manager Agents,Token Key Service Manager Agents,Enterprise CA Administrators,Enterprise KRA Administrators,Enterprise OCSP Administrators,Enterprise RA Administrators,Enterprise TKS Administrators,Enterprise TPS Administrators,Security Domain Administrators,Subsystem Group,ClonedSubsystems