|
Posted by MarkAlexander on October 4, 2006, 4:52 pm
Please log in for more thread options
It did appear in the root and issuing CA certs, but not in subsequent user
certs.
Note that we used the forest guid tip on page 98 of "Microsoft Windows
Server 2003 PKI and Certificate Security" to generate our own OID for the
issuer statement.
Below is the issuing CA capolicy.inf.
We are pretty stuck.
Thanks!
--
Mark
[Version]
Signature="$Windows NT$"
[PolicyStatementExtension]
Policies=LegalPolicy
[LegalPolicy]
OID=1.3.1.4.1.311.21.8.12764945.5603197.11616931.5177453.16042184.1.402
URL = http://www.xrce.xerox.com/xlpki/CPS/XeroxlabsCPS.html
Notice = Xeroxlabs Legal policy statement text
[certsrv_server]
keylength=4096
ValidityPeriod=Years
ValidityPeriodUnits=20
CRLPeriod=weeks
CRLPeriodUnits=33
CRLDeltaPeriodUnits=0
CRLDeltaPeriod=days
[CRLDistributionPoint]
URL=ldap:///CN=naca4,CN=naca,CN=CDP,CN=Public Key
Services,CN=Services,CN=Configuration,DC=XLPKI,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint
URL=http://naca.xlpki.com/CertEnroll/naca4.crl
URL = http://www.xrce.xerox.com/xlpki/CertEnroll/naca4.crl
[AuthorityInformationAccess]
URL=ldap:///CN=naca4,CN=AIA,CN=Public Key
Services,CN=Services,CN=Configuration,DC=XLPKI,DC=com?cACertificate?base?objectClass=certificationAuthority
URL=http://naca.xlpki.com/CertEnroll/naca.xlpki.com_naca4.crt
URL=http://www.xrce.xerox.com/xlpki/CertEnroll/naca.xlpki.com_naca4.crt
[BasicConstraintsExtension]
PathLength=4
| 
XML Sitemap