EntrustNET and ESM CA specific attributes
Defines the values that the EntrustNET CA uses for certificate enrollment and renewal.
-
Class Name: X509 Certificate.
Available when the Certificate Authority attribute references an object of the EntrustNET CA class. - Inheritance: Parent class—Application Base, Parent class—Validation Base and Parent class—X509 Certificate Base
- Attribute Names: Most CA specific attributes use the [Class name]: and the attribute name. For example: EntrustNET CA:Additional Emails.
- Additional attributes may appear on the Support tab.
|
Attribute |
Description |
|---|---|
|
EntrustNET CA:Additional Emails UI: Other Email Addresses
Required: No
|
Policy Definable: No. Default: NA One or more secondary email contacts. Each contact would be another instance of the attribute. |
|
EntrustNET CA:Additional Field Value UI: Tracking Fields
Required: No
|
Policy Definable: No. Default: NA No NA An identifier-value pair for a custom field defined in the Entrust Certificate Management Service portal. The custom field identifier consists of the word Text plus consecutive numbers starting at 1 for the respective field. For example Text1 for the first Text field, Text2 for the second Text field, Text3 for the third Text field, and so on. Syntax: <field identifier>,<value> |
|
EntrustNET CA:Additional Field UI: NA
Required: No
|
Policy Definable: No. Default: NA Internal. |
|
EntrustNET CA:Email Address* UI: Email
Required: Yes
|
Policy Definable: Yes. Default: NA The email address. |
|
EntrustNET CA:First Name* UI: First Name
Required: Yes
|
Policy Definable: Yes. Default: NA The first name of a person. |
|
EntrustNET CA:Last Name* UI: Last Name
Required: Yes
|
Policy Definable: Yes. Default: NA The last name of a person. |
|
EntrustNET CA:Specific End Date UI: End Date
Required: No
|
Policy Definable: No. Default: NA No NA The exact certificate expiration date to use the next time the certificate renews. The date must occur between the request date and the expiration date based on the Validity Period. If the CA template does not allow Specific End Date, this attribute is ignored. |
|
EntrustNET Validity Period UI: NA
Required: No
|
Policy Definable: No. Default: NA Read only. Tracks the most recent time that the driver polled the CA to determine whether the requested certificate is ready for retrieval. By default the driver checks once every 5 minutes. If the timestamp value is not set, the driver continually polls the CA. The value updates after every unsuccessful retrieval. |
|
ESM CA:Override Default Key Update Policy UI: Override Default Key Update Policy
Required: No
|
Policy Definable: No. Default: NA Overrides the Entrust Security Manager (ESM) CA’s private key update requirements. 0 = No override. 1 = Use the validity period from the Certificate object. Set the key lifetimes instead of using the default key update policy defined for the Entrust user. |
|
Validity Period UI: NA
Required: No
|
Policy Definable: No. Default: NA The number of months that a certificate is valid. If the value is not set, the shortest validity period allowed by the CA template is the default. If a user assigns a CA template to a Discovered certificate and then renews the certificate, the value also resets to the shortest validity period. |
* The Entrust Certificate Services CA collects this information at the time of enrollment.