summaryrefslogtreecommitdiffstats
path: root/pki/base/ca/shared/profiles/ca/caTokenUserSigningKeyEnrollment.cfg
blob: ebc231808cbbcaa33978df4a9dad2f50b90b5d25 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
desc=This profile is for enrolling Token Signing key
enable=true
enableBy=admin
name=Token User Signing Certificate Enrollment
visible=false
auth.instance_id=AgentCertAuth
input.list=i1
input.i1.class_id=nsNKeyCertReqInputImpl
input.i1.name=nsNKeyCertReqInputImpl
output.list=o1
output.o1.class_id=nsNKeyOutputImpl
output.o2.name=nsNKeyOutputImpl
policyset.list=set1
#policyset.set1.list=p2,p4,p5,p1,p6,p7,p8,p9,p12,p13,p14
policyset.set1.list=p2,p4,p5,p1,p6,p8,p9,p12
policyset.set1.p1.constraint.class_id=noConstraintImpl
policyset.set1.p1.constraint.name=No Constraint
policyset.set1.p1.default.class_id=nsTokenUserKeySubjectNameDefaultImpl
policyset.set1.p1.default.name=nsTokenUserKeySubjectNameDefault
policyset.set1.p1.default.params.dnpattern=UID=$request.uid$, O=Token Key User
#changed ldap.enable to true to support SMIME
policyset.set1.p1.default.params.ldap.enable=false
policyset.set1.p1.default.params.ldap.searchName=uid
policyset.set1.p1.default.params.ldapStringAttributes=uid,mail
policyset.set1.p1.default.params.ldap.basedn=
policyset.set1.p1.default.params.ldap.maxConns=4
policyset.set1.p1.default.params.ldap.minConns=1
policyset.set1.p1.default.params.ldap.ldapconn.Version=2
policyset.set1.p1.default.params.ldap.ldapconn.host=
policyset.set1.p1.default.params.ldap.ldapconn.port=
policyset.set1.p1.default.params.ldap.ldapconn.secureConn=false
policyset.set1.p2.constraint.class_id=noConstraintImpl
policyset.set1.p2.constraint.name=No Constraint
policyset.set1.p2.default.class_id=validityDefaultImpl
policyset.set1.p2.default.name=Validity Default
policyset.set1.p2.default.params.range=1825
policyset.set1.p2.default.params.startTime=0
policyset.set1.p4.constraint.class_id=noConstraintImpl
policyset.set1.p4.constraint.name=No Constraint
policyset.set1.p4.default.class_id=signingAlgDefaultImpl
policyset.set1.p4.default.name=Signing Algorithm Default
policyset.set1.p4.default.params.signingAlg=-
policyset.set1.p5.constraint.class_id=noConstraintImpl
policyset.set1.p5.constraint.name=No Constraint
policyset.set1.p5.default.class_id=keyUsageExtDefaultImpl
policyset.set1.p5.default.name=Key Usage Extension Default
policyset.set1.p5.default.params.keyUsageCritical=true
policyset.set1.p5.default.params.keyUsageCrlSign=false
policyset.set1.p5.default.params.keyUsageDataEncipherment=false
policyset.set1.p5.default.params.keyUsageDecipherOnly=false
policyset.set1.p5.default.params.keyUsageDigitalSignature=true
policyset.set1.p5.default.params.keyUsageEncipherOnly=false
policyset.set1.p5.default.params.keyUsageKeyAgreement=false
policyset.set1.p5.default.params.keyUsageKeyCertSign=false
policyset.set1.p5.default.params.keyUsageKeyEncipherment=false
policyset.set1.p5.default.params.keyUsageNonRepudiation=true
policyset.set1.p6.constraint.class_id=noConstraintImpl
policyset.set1.p6.constraint.name=No Constraint
policyset.set1.p6.default.class_id=subjectAltNameExtDefaultImpl
policyset.set1.p6.default.name=Subject Alternative Name Extension Default
policyset.set1.p6.default.params.subjAltExtGNEnable_0=true
policyset.set1.p6.default.params.subjAltExtGNEnable_1=false
policyset.set1.p6.default.params.subjAltExtGNEnable_2=false
policyset.set1.p6.default.params.subjAltExtGNEnable_3=false
policyset.set1.p6.default.params.subjAltExtGNEnable_4=false
policyset.set1.p6.default.params.subjAltExtPattern_0=$request.mail$
policyset.set1.p6.default.params.subjAltExtPattern_1=
policyset.set1.p6.default.params.subjAltExtPattern_2=
policyset.set1.p6.default.params.subjAltExtPattern_3=
policyset.set1.p6.default.params.subjAltExtPattern_4=
policyset.set1.p6.default.params.subjAltExtType_0=RFC822Name
policyset.set1.p6.default.params.subjAltExtType_1=OtherName
policyset.set1.p6.default.params.subjAltExtType_2=RFC822Name
policyset.set1.p6.default.params.subjAltExtType_3=RFC822Name
policyset.set1.p6.default.params.subjAltExtType_4=RFC822Name
policyset.set1.p6.default.params.subjAltNameExtCritical=false
policyset.set1.p6.default.params.subjAltNameNumGNs=1
policyset.set1.p7.constraint.class_id=noConstraintImpl
policyset.set1.p7.constraint.name=No Constraint
policyset.set1.p7.default.class_id=certificatePoliciesExtDefaultImpl
policyset.set1.p7.default.name=Certificate Policies Extension Default
policyset.set1.p7.default.params.Critical=false
policyset.set1.p7.default.params.PoliciesExt.num=5
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.CPSURI.enable=true
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.explicitText.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
policyset.set1.p7.default.params.PoliciesExt.certPolicy0.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.explicitText.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
policyset.set1.p7.default.params.PoliciesExt.certPolicy1.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.explicitText.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
policyset.set1.p7.default.params.PoliciesExt.certPolicy2.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.explicitText.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
policyset.set1.p7.default.params.PoliciesExt.certPolicy3.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.policyId=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.CPSURI.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.CPSURI.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.enable=false
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.explicitText.value=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.noticeReference.noticeNumbers=
policyset.set1.p7.default.params.PoliciesExt.certPolicy4.PolicyQualifiers0.usernotice.noticeReference.organization=
policyset.set1.p8.constraint.class_id=noConstraintImpl
policyset.set1.p8.constraint.name=No Constraint
policyset.set1.p8.default.class_id=subjectKeyIdentifierExtDefaultImpl
policyset.set1.p8.default.name=Subject Key Identifier Default
policyset.set1.p9.constraint.class_id=noConstraintImpl
policyset.set1.p9.constraint.name=No Constraint
policyset.set1.p9.default.class_id=authorityKeyIdentifierExtDefaultImpl
policyset.set1.p9.default.name=Authority Key Identifier Extension Default
policyset.set1.10.constraint.class_id=renewGracePeriodConstraintImpl
policyset.set1.10.constraint.name=Renewal Grace Period Constraint
policyset.set1.10.constraint.params.renewal.graceBefore=30
policyset.set1.10.constraint.params.renewal.graceAfter=30
policyset.set1.10.default.class_id=noDefaultImpl
policyset.set1.10.default.name=No Default
policyset.set1.p12.constraint.class_id=basicConstraintsExtConstraintImpl
policyset.set1.p12.constraint.name=Basic Constraints Extension Constraint
policyset.set1.p12.constraint.params.basicConstraintsCritical=-
policyset.set1.p12.constraint.params.basicConstraintsIsCA=-
policyset.set1.p12.constraint.params.basicConstraintsMaxPathLen=-1
policyset.set1.p12.constraint.params.basicConstraintsMinPathLen=-1
policyset.set1.p12.default.class_id=basicConstraintsExtDefaultImpl
policyset.set1.p12.default.name=Basic Constraints Extension Default
policyset.set1.p12.default.params.basicConstraintsCritical=false
policyset.set1.p12.default.params.basicConstraintsIsCA=false
policyset.set1.p12.default.params.basicConstraintsPathLen=-1
policyset.set1.p13.constraint.class_id=noConstraintImpl
policyset.set1.p13.constraint.name=No Constraint
policyset.set1.p13.default.class_id=crlDistributionPointsExtDefaultImpl
policyset.set1.p13.default.name=crlDistributionPointsExtDefaultImpl
policyset.set1.p13.default.params.crlDistPointsCritical=false
policyset.set1.p13.default.params.crlDistPointsNum=1
policyset.set1.p13.default.params.crlDistPointsEnable_0=false
policyset.set1.p13.default.params.crlDistPointsIssuerName_0=
policyset.set1.p13.default.params.crlDistPointsIssuerType_0=
policyset.set1.p13.default.params.crlDistPointsPointName_0=
policyset.set1.p13.default.params.crlDistPointsPointType_0=URIName
policyset.set1.p13.default.params.crlDistPointsReasons_0=
policyset.set1.p14.constraint.class_id=noConstraintImpl
policyset.set1.p14.constraint.name=No Constraint
policyset.set1.p14.default.class_id=authInfoAccessExtDefaultImpl
policyset.set1.p14.default.name=AIA Extension Default
policyset.set1.p14.default.params.authInfoAccessADEnable_0=false
policyset.set1.p14.default.params.authInfoAccessADLocationType_0=URIName
policyset.set1.p14.default.params.authInfoAccessADLocation_0=
policyset.set1.p14.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.1
policyset.set1.p14.default.params.authInfoAccessCritical=false
policyset.set1.p14.default.params.authInfoAccessNumADs=1