|
IssuerType_
n
|
Specifies the general name type of the CRL issuer that signed the CRL. The permissible values are as follows:
-
For RFC822Name, the value must be a valid Internet mail address. For example, testCA@example.com.
-
For DirectoryName, the value must be a string form of X.500 name, similar to the subject name in a certificate. For example, cn=SubCA, ou=Research Dept, o=Example Corporation, c=US.
-
For DNSName, the value must be a valid fully-qualified domain name. For example, testCA.example.com.
-
For EDIPartyName, the value must be an IA5String. For example, Example Corporation.
-
For URIName,
the value must be a non-relative URI following the URL syntax and
encoding rules. The name must include both a scheme, such as http, and a fully qualified domain name or IP address of the host. For example, http://testCA.example.com.
-
For IPAddress, the value must be a valid IP address. An IPv4 address must be in the format n.n.n.n or n.n.n.n,m.m.m.m. For example, 128.21.39.40 or 128.21.39.40,255.255.255.00. An IPv 6 address with netmask is separated by a comma. For example, 0:0:0:0:0:0:13.1.68.3, FF01::43, 0:0:0:0:0:0:13.1.68.3,FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:255.255.255.0, and FF01::43,FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FF00:0000.
-
For OIDName, the value must be a unique, valid OID specified in dot-separated numeric component notation. For example, 1.2.3.4.55.6.5.99.
-
OtherName is used for names with any other format; this supports PrintableString, IA5String, UTF8String, BMPString, Any, and KerberosName. PrintableString, IA5String, UTF8String, BMPString, and Any set a string to a base-64 encoded file specifying the subtree, such as /var/lib/rhpki-ca/othername.txt. KerberosName has the format Realm|NameType|NameStrings, such as realm1|0|userID1,userID2.
The value for this parameter must correspond to the value in the issuerName field.
|