Procedure
Perform the following steps to
modify the
PKI Services configuration
file (
pkiserv.conf) to add a certificate policy for
each type of IdenTrust certificate you intend to issue:
- Copy the sample OIDs directives to the OIDs section.
________________________________________________________________
- Copy the sample CertPolicy directives to the CertPolicy section.
________________________________________________________________
- For each IdenTrust certificate policy you add, replicate
one of the OIDs directives copied in Step 1.
________________________________________________________________
- Change the name and value of the directive as needed
for the particular certificate profile. The name you choose is arbitrary,
but must be unique.
________________________________________________________________
- Replicate one pair of PolicyNamenn and UserNoticeTextnn (the CertPolicy directives)
copied in Step 2.
________________________________________________________________
- Change the value of the PolicyNamenn directive
to match the name defined in Step 4.
________________________________________________________________
- Change the value of the UserNoticeTextnn directive
as needed for this policy.
________________________________________________________________
- Change the policy number in the directives' name (the nn in PolicyNamenn and UserNoticeTextnn)
as needed for the particular policy being defined. The number you
choose is arbitrary, but must be unique. Use the same number for both
directives.
________________________________________________________________
- For each IdenTrust certificate policy you add, repeat Step 3 through Step 8.
________________________________________________________________
When you are done: You
have defined a certificate policy for each type of IdenTrust certificate
you intend to issue.