Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Customizing the OtherName field z/OS Cryptographic Services PKI Services Guide and Reference SA23-2286-00 |
|
When you use the OtherName field, you are able to bind additional identities or owner information to the subject of the certificate using the subject alternate name extension. These identities might take different forms, such as employee numbers, customer account numbers, and other identities that you choose to use. The OtherName value is a concatenated string that consists of one or more pairs of OIDs and their associated values. The string is saved in the subject alternate name extension in the certificate. PKI Services implements the OtherName field as a customizable INSERT
called AltOther_<OID>. The following certificate
template in pkiserv.tmpl is supplied to illustrate
the use of the INSERT fields.
The n-year PKI certificate template builds a certificate
using information provided primarily by users, rather than information
that you control. For demonstration purposes, the template builds
a certificate that contains all extensions supported by PKI Services.
The template contains two sample OtherName fields:
When you choose to use the OtherName field to build the subject alternate name extension, you might also want to customize the end-user Web pages to allow end-users to enter the required information using customized input screens that will be easier for them to use. For example, rather than asking a user to enter a string like the one shown below, you can prompt the user to enter a 9-digit license number and its expiration date. Example of an OtherName field value:
|
Copyright IBM Corporation 1990, 2014
|