| Class | Description |
|---|---|
| AgentPolicy |
AgentPolicy is an enrollment policy wraps another policy module.
|
| AttributePresentConstraints |
This checks if attribute present.
|
| DefaultRevocation |
This is the default revocation policy.
|
| DSAKeyConstraints |
DSAKeyConstraints policy enforces min and max size of the key.
|
| IssuerConstraints |
IssuerConstraints is a rule for restricting the issuers of the
certificates used for certificate-based enrollments.
|
| KeyAlgorithmConstraints |
KeyAlgorithmConstraints enforces a constraint that the RA or a CA
honor only the keys generated using one of the permitted algorithms
such as RSA, DSA or DH.
|
| ManualAuthentication |
ManualAuthentication is an enrollment policy that queues
all requests for issuing agent's approval if no authentication
is present.
|
| RenewalConstraints |
Whether to allow renewal of an expired cert.
|
| RenewalValidityConstraints |
RenewalValidityConstraints is a default rule for Certificate
Renewal.
|
| RevocationConstraints |
Whether to allow revocation of an expired cert.
|
| RSAKeyConstraints |
RSAKeyConstraints policy enforces min and max size of the key.
|
| SigningAlgorithmConstraints |
SigningAlgorithmConstraints enforces that only a supported
signing algorithm be requested.
|
| SubCANameConstraints |
This simple policy checks the subordinate CA CSR to see
if it is the same as the local CA.
|
| UniqueSubjectName |
This class is used to help migrate CMS4.1 to CMS4.2.
|
| UniqueSubjectNameConstraints |
Checks the uniqueness of the subject name.
|
| ValidityConstraints |
ValidityConstraints is a default rule for Enrollment and
Renewal that enforces minimum and maximum validity periods
and changes them if not met.
|