File: ca-signing-policy.tmpl

package info (click to toggle)
globus-simple-ca 5.0-1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster
  • size: 544 kB
  • sloc: sh: 5,231; perl: 267; makefile: 98
file content (33 lines) | stat: -rw-r--r-- 1,268 bytes parent folder | download | duplicates (6)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# ca-signing-policy.conf, see ca-signing-policy.doc for more information
#
# This is the configuration file describing the policy for what CAs are
# allowed to sign whoses certificates.
#
# This file is parsed from start to finish with a given CA and subject
# name.
# subject names may include the following wildcard characters:
#    *    Matches any number of characters.
#    ?    Matches any single character.
#
# CA names must be specified (no wildcards). Names containing whitespaces
# must be included in single quotes, e.g. 'Certification Authority'. 
# Names must not contain new line symbols. 
# The value of condition attribute is represented as a set of regular 
# expressions. Each regular expression must be included in double quotes.  
#
# This policy file dictates the following policy:
#   -The Globus CA can sign Globus certificates
#
# Format:
#------------------------------------------------------------------------
#  token type  | def.authority |                value              
#--------------|---------------|-----------------------------------------
# EACL entry #1|

 access_id_CA      X509         '${GRID_CA_SUBJECT}'

 pos_rights        globus        CA:sign

 cond_subjects     globus       '"${GRID_CA_COND_SUBJECT}"'

# end of EACL