Steps to modify pkiserv.conf for different certificate types
Before you begin
Refer to the sample configuration file directives in Sample PKI Services configuration file directives for IdenTrust compliance.Procedure
Perform the following steps to
modify the PKI Services configuration
file (pkiserv.conf) to add a certificate policy for
each type of IdenTrust certificate you intend to issue:
- Copy the sample OIDs directives to the OIDs section.
________________________________________________________________
- Copy the sample CertPolicy directives to the CertPolicy section.
________________________________________________________________
- For each IdenTrust certificate policy you add, replicate
one of the OIDs directives copied in Step 1.
________________________________________________________________
- Change the name and value of the directive as needed
for the particular certificate profile. The name you choose is arbitrary,
but must be unique.
________________________________________________________________
- Replicate one pair of PolicyNamenn and UserNoticeTextnn (the CertPolicy directives)
copied in Step 2.
________________________________________________________________
- Change the value of the PolicyNamenn directive
to match the name defined in Step 4.
________________________________________________________________
- Change the value of the UserNoticeTextnn directive
as needed for this policy.
________________________________________________________________
- Change the policy number in the directives' name (the nn in PolicyNamenn and UserNoticeTextnn)
as needed for the particular policy being defined. The number you
choose is arbitrary, but must be unique. Use the same number for both
directives.
________________________________________________________________
- For each IdenTrust certificate policy you add, repeat Step 3 through Step 8.
________________________________________________________________