When create-ldap-entry is false, use the following set of parameters to define each user variable CA Gateway supplies to Entrust Authority Entrust Certificate Authority.
Where <i> is an integer value number starting at 0. For example:
ca-variable-0-type: UserTypeca-variable-0-name: cnca-variable-0-value: <firstname>ca-variable-0-in-dn: trueca-variable-1-type: UserTypeca-variable-1-name: snca-variable-1-value: <lastname>ca-variable-1-in-dn: falseca-variable-2-type: Customca-variable-2-name: emailca-variable-2-value: <email>ca-variable-2-in-dn: falseMandatory: Only when create-ldap-entry is false.
ca-variable-<i>-type
The type of variable. Supported values are:
- CertType
- Custom
- UserType
- Variable
ca-variable-<i>-name
The name of the Managed CA variable. See the table below for examples.
name | type | Value |
|---|---|---|
cn | UserType | Common Name attribute in the directory. |
sn | UserType | Serial Number attribute in the directory. |
Custom | The certificate subject's email. Entrust Authority Entrust Certificate Authority and clients like UMS understand the |
ca-variable-<i>-value
The value of the Managed CA variable. This value must include one or more substrings surrounded by angle brackets. For example:
<firstname>for the user's first name.<lastname>for the user's last name.
Client applications will provide the actual values during enrollment.
ca-variable-<i>-in-dn
true to include the variable value in the user's Distinguished Name (DN), false to exclude the variable value from the user DN.