summaryrefslogtreecommitdiffstats
path: root/pki/base/ca/shared/profiles/ca/caTokenMSLoginEnrollment.cfg
blob: 37c9af5e02380635573c0e1d9642c8aa649cb55a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
desc=This profile is for enrolling MS Login Certificate
enable=true
enableBy=admin
name=Token User MS Login Certificate Enrollment
visible=false
auth.instance_id=AgentCertAuth
input.list=i1
input.i1.class_id=nsNKeyCertReqInputImpl
input.i1.name=nsNKeyCertReqInputImpl
output.list=o1
output.o1.class_id=nsNKeyOutputImpl
output.o2.name=nsNKeyOutputImpl
policyset.list=set1
#policyset.set1.list=p2,p4,p5,p1,p6,p7,p8,p9,p12,p13,p14
policyset.set1.list=p2,p4,p5,p1,p6,p8,p9,p12,p13,p14,p15
policyset.set1.p1.constraint.class_id=noConstraintImpl
policyset.set1.p1.constraint.name=No Constraint
policyset.set1.p1.default.class_id=nsTokenUserKeySubjectNameDefaultImpl
policyset.set1.p1.default.name=nsTokenUserKeySubjectNameDefault
policyset.set1.p1.default.params.dnpattern=CN=uid=$request.uid$,E=$request.mail$, ou=$request.upn$, o=example
#changed ldap.enable to true to support SMIME
policyset.set1.p1.default.params.ldap.enable=true
policyset.set1.p1.default.params.ldap.searchName=uid
policyset.set1.p1.default.params.ldapStringAttributes=uid,mail,givenName,sn,upn
policyset.set1.p1.default.params.ldap.basedn=ou=People,dc=example,dc=com
policyset.set1.p1.default.params.ldap.maxConns=4
policyset.set1.p1.default.params.ldap.minConns=1
policyset.set1.p1.default.params.ldap.ldapconn.Version=2
policyset.set1.p1.default.params.ldap.ldapconn.host=localhost.localdomain
policyset.set1.p1.default.params.ldap.ldapconn.port=389
policyset.set1.p1.default.params.ldap.ldapconn.secureConn=false
policyset.set1.p2.constraint.class_id=noConstraintImpl
policyset.set1.p2.constraint.name=No Constraint
policyset.set1.p2.default.class_id=validityDefaultImpl
policyset.set1.p2.default.name=Validity Default
policyset.set1.p2.default.params.range=1825
policyset.set1.p2.default.params.startTime=0
policyset.set1.p4.constraint.class_id=noConstraintImpl
policyset.set1.p4.constraint.name=No Constraint
policyset.set1.p4.default.class_id=signingAlgDefaultImpl
policyset.set1.p4.default.name=Signing Algorithm Default
policyset.set1.p4.default.params.signingAlg=-
policyset.set1.p5.constraint.class_id=noConstraintImpl
policyset.set1.p5.constraint.name=No Constraint
policyset.set1.p5.default.class_id=keyUsageExtDefaultImpl
policyset.set1.p5.default.name=Key Usage Extension Default
policyset.set1.p5.default.params.keyUsageCritical=true
policyset.set1.p5.default.params.keyUsageCrlSign=false
policyset.set1.p5.default.params.keyUsageDataEncipherment=false
policyset.set1.p5.default.params.keyUsageDecipherOnly=false
policyset.set1.p5.default.params.keyUsageDigitalSignature=true
policyset.set1.p5.default.params.keyUsageEncipherOnly=false
policyset.set1.p5.default.params.keyUsageKeyAgreement=false
policyset.set1.p5.default.params.keyUsageKeyCertSign=false
policyset.set1.p5.default.params.keyUsageKeyEncipherment=false
policyset.set1.p5.default.params.keyUsageNonRepudiation=true
policyset.set1.p6.constraint.class_id=noConstraintImpl
policyset.set1.p6.constraint.name=No Constraint
policyset.set1.p6.default.class_id=subjectAltNameExtDefaultImpl
policyset.set1.p6.default.name=Subject Alternative Name Extension Default
policyset.set1.p6.default.params.subjAltExtGNEnable_0=true
policyset.set1.p6.default.params.subjAltExtGNEnable_1=true
policyset.set1.p6.default.params.subjAltExtGNEnable_2=false
policyset.set1.p6.default.params.subjAltExtGNEnable_3=false
policyset.set1.p6.default.params.subjAltExtGNEnable_4=false
policyset.set1.p6.default.params.subjAltExtPattern_0=$request.mail$
policyset.set1.p6.default.params.subjAltExtPattern_1=(UTF8String)1.3.6.1.4.1.311.20.2.3,$request.upn$
policyset.set1.p6.default.params.subjAltExtPattern_2=
policyset.set1.p6.default.params.subjAltExtPattern_3=
policyset.set1.p6.default.params.subjAltExtPattern_4=
policyset.set1.p6.default.params.subjAltExtType_0=RFC822Name
policyset.set1.p6.default.params.subjAltExtType_1=OtherName
policyset.set1.p6.default.params.subjAltExtType_2=RFC822Name
policyset.set1.p6.default.params.subjAltExtType_3=RFC822Name
policyset.set1.p6.default.params.subjAltExtType_4=RFC822Name
policyset.set1.p6.default.params.subjAltNameExtCritical=false
policyset.set1.p6.default.params.subjAltNameNumGNs=2
policyset.set1.p7.constraint.class_id=noConstraintImpl
policyset.set1.p7.constraint.name=No Constraint
policyset.set1.p7.default.class_id=certificatePoliciesExtDefaultImpl
policyset.set1.p7.default.name=Certificate Policies Extension Default
policyset.set1.p7.default.params.Critical=false
policyset.set1.p7.default.params.PoliciesExt.num=5
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.CPSURI.enable=true
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.explicitText.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.explicitText.value=
 policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
 policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.enable=false
 policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.explicitText.value=
 policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
 policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.explicitText.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
 policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.explicitText.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p8.constraint.class_id=noConstraintImpl
policyset.set1.p8.constraint.name=No Constraint
policyset.set1.p8.default.class_id=subjectKeyIdentifierExtDefaultImpl
policyset.set1.p8.default.name=Subject Key Identifier Default
policyset.set1.p9.constraint.class_id=noConstraintImpl
policyset.set1.p9.constraint.name=No Constraint
policyset.set1.p9.default.class_id=authorityKeyIdentifierExtDefaultImpl
policyset.set1.p9.default.name=Authority Key Identifier Extension Default
policyset.set1.p12.constraint.class_id=basicConstraintsExtConstraintImpl
policyset.set1.p12.constraint.name=Basic Constraints Extension Constraint
policyset.set1.p12.constraint.params.basicConstraintsCritical=-
policyset.set1.p12.constraint.params.basicConstraintsIsCA=-
policyset.set1.p12.constraint.params.basicConstraintsMaxPathLen=-1
policyset.set1.p12.constraint.params.basicConstraintsMinPathLen=-1
policyset.set1.p12.default.class_id=basicConstraintsExtDefaultImpl
policyset.set1.p12.default.name=Basic Constraints Extension Default
policyset.set1.p12.default.params.basicConstraintsCritical=false
policyset.set1.p12.default.params.basicConstraintsIsCA=false
policyset.set1.p12.default.params.basicConstraintsPathLen=-1
policyset.set1.p13.constraint.class_id=noConstraintImpl
policyset.set1.p13.constraint.name=No Constraint
policyset.set1.p13.default.class_id=crlDistributionPointsExtDefaultImpl
policyset.set1.p13.default.name=crlDistributionPointsExtDefaultImpl
policyset.set1.p13.default.params.crlDistPointsCritical=false
policyset.set1.p13.default.params.crlDistPointsNum=1
policyset.set1.p13.default.params.crlDistPointsEnable_0=true
policyset.set1.p13.default.params.crlDistPointsIssuerName_0=
policyset.set1.p13.default.params.crlDistPointsIssuerType_0=
policyset.set1.p13.default.params.crlDistPointsPointName_0=http://localhost.localdomain:9443/ca/ee/ca/getCRL?crlIssuingPoint=MasterCRL&op=getCRL
policyset.set1.p13.default.params.crlDistPointsPointType_0=URIName
policyset.set1.p13.default.params.crlDistPointsReasons_0=
policyset.set1.p14.constraint.class_id=noConstraintImpl
policyset.set1.p14.constraint.name=No Constraint
policyset.set1.p14.default.class_id=authInfoAccessExtDefaultImpl
policyset.set1.p14.default.name=AIA Extension Default
policyset.set1.p14.default.params.authInfoAccessADEnable_0=true
policyset.set1.p14.default.params.authInfoAccessADLocationType_0=URIName
policyset.set1.p14.default.params.authInfoAccessADLocation_0=http://localhost.localdomain:9443/ca/ocsp
policyset.set1.p14.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.1
policyset.set1.p14.default.params.authInfoAccessCritical=false
policyset.set1.p14.default.params.authInfoAccessNumADs=1
policyset.set1.p15.constraint.class_id=noConstraintImpl
policyset.set1.p15.constraint.name=No Constraint
policyset.set1.p15.default.class_id=extendedKeyUsageExtDefaultImpl
policyset.set1.p15.default.name=Extended Key Usage Extension Default
policyset.set1.p15.default.params.exKeyUsageCritical=false
policyset.set1.p15.default.params.exKeyUsageOIDs=1.3.6.1.5.5.7.3.2,1.3.6.1.4.1.311.20.2.2