7.5. Creating Rules
- Log into the Certificate Manager Console.
- In the Configuration tab, select Certificate Manager from the navigation tree on the left. Select Publishing, and then Rules.The Rules Management tab, which lists configured rules, opens on the right.
- To edit an existing rule, select that rule from the list, and click Rule Editor window.. This opens the
- To create a rule, click Select Rule Plug-in Implementation window.. This opens theSelect the
Rulemodule. This is the only default module. If any custom modules have been been registered, they are also available.
- Edit the rule.
- type. This is the type of certificate for which the rule applies. For a CA signing certificate, the value is
cacert. For a cross-signed certificate, the value is
xcert. For all other types of certificates, the value is
certs. For CRLs, specify
- predicate. This sets the predicate value for the type of certificate or CRL issuing point to which this rule applies. The predicate values for CRL issuing points, delta CRLs, and certificates are listed in Table 7.3, “Predicate Expressions”.
- mapper. Mappers are not necessary when publishing to a file; they are only needed for LDAP publishing. If this rule is associated with a publisher that publishes to an LDAP directory, select an appropriate mapper here. Leave blank for all other forms of publishing.
- publisher. Sets the publisher to associate with the rule.
Table 7.3. Predicate Expressions
|CRL Issuing Point|| |
To publish only the master CRL, set
|Certificate Profile|| |
To publish certificates based on the profile used to issue them, set