[Pki-users] [dogtag] CA Issuers fields in authinfoaccess extension - how?
John Magne
jmagne at redhat.com
Thu Jan 14 18:36:36 UTC 2016
Here is an example in the file we ship DomainController.cfg
There are others in the directory /var/lib/pki/pki-tomcat/ca/profiles/ca if you need more:
policyset.set1.5.default.class_id=authInfoAccessExtDefaultImpl
policyset.set1.5.default.name=AIA Extension Default
policyset.set1.5.default.params.authInfoAccessADEnable_0=true
policyset.set1.5.default.params.authInfoAccessADLocationType_0=URIName
policyset.set1.5.default.params.authInfoAccessADLocation_0=http://localhost.localdomain:9180/ca/ee/ca/getCRL?crlIssuingPoint=MasterCRL&op=getCRL&crlDisplayType=cachedCRL&submit=Submit
policyset.set1.5.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.2
policyset.set1.5.default.params.authInfoAccessCritical=false
policyset.set1.5.default.params.authInfoAccessNumADs=1
----- Original Message -----
> From: "marcin kowalski" <yoshi314 at gmail.com>
> To: pki-users at redhat.com
> Sent: Thursday, January 14, 2016 5:00:56 AM
> Subject: [Pki-users] [dogtag] CA Issuers fields in authinfoaccess extension - how?
>
> Hi all ; I am running a subordinate ca dogtag instance, and i would like to
> copy AuthInfoExtension fields from the master ca cert into final
> certificates signed in dogtag
>
> I am struggling to add a few caIssuers fields to authInfoExtension fields in
> issued certificates
>
> the fields in question are to be like so (from openssl output of the master
> ca certificate)
>
> CA Issuers - URI: http://server/name.crt
> CA Issuers - URI: http://backupserver/name.crt
>
>
> Are there any examples out there so that i can figure this out?
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
More information about the Pki-users
mailing list