PreviousNextUp[Front page] [Index]

Adding Policy Module Attributes

You can add Policy modules to the entity or to a shared secret of the entity. The modules can affect the way the incoming certification requests containing this key are handled by the system. This is generally used to shorten the processing time by allowing a certificate to be automatically issued. They can also be used to identify the certification request to the operator, thereby allowing faster manual identity verification.

Policy modules that are added to the entity affect all certification requests by the entity. Policy modules added to a shared secret affect only the requests made with that secret.

For the policy modules of the entity or a shared secret to take effect, the CA policy must contain the Apply Policy Attributes module in the receive-request chain. See Section Editing CA Policy Chains.

To add a policy module to an entity, select the desired module from the -- Add New Policy Module -- drop-down list on the Entity page and click Add. After you have added the desired policy modules click the Commit Changes button to update the entry in the Database.

To add a policy module to a shared secret, click edit next to the secret to go to the Pre-Shared Secret page. Select the desired module from the -- Add New Policy Module -- drop-down list and click Add. After you have added the desired policy modules click the Commit Changes button to update the entry in the Database and return to the Entity page.

The currently supported policy module attributes are the following:

  • Accept All

  • Active Certificate Limit

  • Add Policy Info Extension

  • Add Qualified Certificate Statement

  • Apply Profile

  • Drop Extensions

  • Match Subject Name

  • Reject All

  • Remove Basic Constraints

  • Set Absolute Validity Period

  • Set Certificate Template

  • Set Extended Key Usage

  • Set GUID

  • Set Key Usage

  • Set Meta Info : CRL Sticky

  • Set Meta Info : Publish

  • Set Request Field From Entity

  • Set Signature Algorithm

  • Set Subject Name

  • Set Validity Period

See Section Policy Modules for a detailed description of the policy modules.


PreviousNextUp[Front page] [Index]