[Pki-users] Re: No CDP by default?
Christina Fu
cfu at redhat.com
Mon Apr 14 17:30:05 UTC 2008
Hi! Thank you for reading the manual! We encourage our community
members to file bugs not just for bugs in the software, but also for
clarity in documentations.
See http://pki.fedoraproject.org/wiki/PKI_Bugs.I encourage you to file a
bug.
thanks!
Christina
Chris Cayetano wrote:
> Hi Christina,
>
> That worked. Thanks for your help. Though minor, it appears the Red
> Hat documentation for IssuerType and IssuerName is also switched, correct?
>
> Thanks,
> Chris Cayetano
>
> http://www.redhat.com/docs/manuals/cert-system/7.3/html/Administration_Guide/Defaults_Reference-CRL_Distribution_Points_Extension_Default.html
>
>
> *IssuerName_ /n/ *
>
> Specifies the name of the issuer that has signed the CRL maintained at
> the distribution point. The name can be in any of the following formats:
>
> *
>
> RFC822Name
>
> *
>
> DirectoryName
>
> *
>
> DNSName
>
> *
>
> EDIPartyName
>
> *
>
> *URIName*
>
> *
>
> IPAddress
>
> *
>
> OIDName
>
> *
>
> OtherName
>
> *IssuerType_ /n/ *
>
> Specifies the general name type of the CRL issuer that signed the CRL.
> The permissible values are as follows:
>
> *
>
> For RFC822Name, the value must be a valid Internet mail address.
> For example, testCA at example.com <mailto:testCA at example.com>.
>
> *
>
> For DirectoryName, the value must be a string form of X.500
> name, similar to the subject name in a certificate. For example,
> cn=SubCA, ou=Research Dept, o=Example Corporation, c=US.
>
> *
>
> For DNSName, the value must be a valid fully-qualified domain
> name. For example, testCA.example.com <http://testCA.example.com>.
>
> *
>
> For EDIPartyName, the value must be an IA5String. For example,
> Example Corporation.
>
> *
>
> * For URIName, the value must be a non-relative URI following
> the URL syntax and encoding rules. The name must include both a
> scheme, such as http, and a fully qualified domain name or IP
> address of the host. For example, http://testCA.example.com.*
>
> *
>
> For IPAddress, the value must be a valid IP address. An IPv4
> address must be in the format n.n.n.n or n.n.n.n,m.m.m.m. For
> example, 128.21.39.40 <http://128.21.39.40> or 128.21.39.40
> <http://128.21.39.40>,255.255.255.00 <http://255.255.255.00>. An
> IPv 6 address with netmask is separated by a comma. For example,
> 0:0:0:0:0:0:13.1.68.3 <http://13.1.68.3>, FF01::43,
> 0:0:0:0:0:0:13.1.68.3
> <http://13.1.68.3>,FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:255.255.255.0
> <http://255.255.255.0>, and
> FF01::43,FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FF00:0000.
>
> *
>
> For OIDName, the value must be a unique, valid OID specified in
> dot-separated numeric component notation. For example,
> 1.2.3.4.55.6.5.99.
>
> *
>
> OtherName is used for names with any other format; this supports
> PrintableString, IA5String, UTF8String, BMPString, Any, and
> KerberosName. PrintableString, IA5String, UTF8String, BMPString,
> and Any set a string to a base-64 encoded file specifying the
> subtree, such as /var/lib/rhpki-ca/othername.txt. KerberosName
> has the format /Realm|NameType|NameStrings/, such as
> realm1|0|userID1,userID2.
>
> The value for this parameter must correspond to the value in the
> issuerName field.
>
>
>
>
>
>
> On Mon, Apr 14, 2008 at 7:30 AM, Christina Fu <cfu at redhat.com
> <mailto:cfu at redhat.com>> wrote:
>
> Hi, your values for crlDistPointsIssuerType_0 and
> crlDistPointsIssueName_0 need to be switched. Let me know if this
> helps.
>
> Christina
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
>
More information about the Pki-users
mailing list