Options for CA Policy.inf
[Version]
Name | Value | Description | Required |
---|---|---|---|
Signature | ”$Windows NT$” | Version info | Yes |
[certsrv_server]
Name | Value | Description | From Version |
---|---|---|---|
RenewalKeyLength | 512,1024,2048,4096 | Key Length when CA Certificate is renewed | 2003 |
RenewalValidityPeriod | days,weeks,years | Validation time for the next CA Certificate issued | 2003 |
RenewalValidityPeriodUnits | (number) | Validation time for the next CA Certificate issued | 2003 |
CRLPeriod | days,weeks,years | - | 2003 |
CRLPeriodUnits | (number) | - | 2003 |
CRLDeltaPeriod | days,weeks,years | - | 2003 |
CRLDeltaPeriodUnits | (number) | - | 2003 |
ClockSkewMinutes | (numbers) | Effective time set in CRL minus x minutes | 2008 |
LoadDefaultTemplates | 0/1 or True/False | If true, defaults templates will be loaded and automatically deployed | 2008 |
AlternateSignatureAlgorithm | 0/1 or True/False | Enables PKCS #1 V2.1 Signatre format on both CA certificate and certificates issued,0=SHA384RSA,1=RSASSA-PSS(Not Supported by Cisco+++) | 2008 |
CNGHashAlgorithm | SHA1,SHA256, SHA384,SHA512 | Hash Algorithm used to in certificates issued | 2008 |
ForceUTF8 | 0/1 or True/False | Force relative distinguished names (RDNs) in Subject and Issuer names to be UTF-8 | 2008 |
EnableKeyCounting | 0/1 or True/False | CA will increment a counter every time a the CA's signing key is used. (Only supported by some HSM modules, do not enable on software CSP's) | 2008 |
[BasicConstraintsExtension]
Name | Value | Description | From Version |
---|---|---|---|
PathLength | (number) | Number of SUBCA's. set to 0 in the LAST CA, add one for each CA above in the PKI chain | 2003 |
Critical | (yes/no,1/0/true/false) | — | 2003 |
[CrossCertificateDistributionPointsExtension]
Name | Value | Description | From Version |
---|---|---|---|
SyncDeltaTime | (number) | How often in seconds the URL is updated | 2008 |
URL | (URL) | http location of partner CA certificate | 2008 |
Critical | (yes/no,1/0/true/false) | — | 2003 |