| Index |
| A unique index for this entry. |
| Command |
| The task to perform for this entry. Possible values: getca-scep(1), -- Retrieve CA certificate via SCEP enroll-scep(2), -- Enroll using SCEP enroll-manual(3), -- Do a manual enrollment delete(8) -- Cancel the task and delete this entry Enumerations: - getca-scep (1)
- enroll-scep (2)
- enroll-manual (3)
- delete (8)
|
| Url |
| The url to access for the task. Range: 0 to 255 |
| CertName |
| The name of the resulting certificate (for certificate retrieval tasks) or the name of the certificate to use (for certificate export tasks. Range: 0 to 255 |
| SubjectName |
| The subject name to include into the certificate request. Range: 0 to 255 |
| SubjectAltName |
| The subject alternative name to include into the certificate request (optional). Range: 0 to 255 |
| SubjectAltName2 |
| A second subject alternative name (optional). Range: 0 to 255 |
| SubjectAltName3 |
| A third subject alternative name (optional). Range: 0 to 255 |
| KeyIndex |
| The index of the key in the ipsecPublicKeyTable to use for certificate enrollment. |
| CaCertIndex |
| The index of the CA certificate to use (from the certTable). |
| CaDomain |
| The domain for which the CA certificate is to be received (getca_scep command only). Range: 0 to 255 |
| Password |
| The password (SCEP: challenge password, CMP: <ref-no>:<psk>. Range: 0 to 255 |
| AutoSave |
| Determines if pending requests should be saved permanently after each try and results should be saved permanently after finish. Enumerations: |
| PollInterval |
| The interval (in seconds) between polls. Range: 5 to 86400 |
| MaxPolls |
| The maximum number of polls performed. A value of -1 means forever, a value of 0 disables polling, i.e. the task is cancelled if the initial result is delayed. Range: -1 to 32767 |
| NumPolls |
| The number of polls already performed. |
| State |
| The state of the task specified by this entry. Enumerations: - done (1)
- error (2)
- running (3)
- delayed (4)
- polling (5)
- notreached (6)
|
| RaSignCertIndex |
| The index of the Registration Authority's (RA) certificate to use for signing purposes (from the certTable). |
| RaEncryptCertIndex |
| The index of the Registration Authority's (RA) certificate to use for encryption purposes (from the certTable). |
| KeyLength |
| The key length in bits used in requests for certificate enrollment. |
| CaFingerprint |
| This object holds the fingerprint of the CA certificate computed as an SHA1 or MD5 hash. This object is compared against an externally retrieved SHA1 / MD5 fingerprint (e.g. published on a CA's web site) to assure the authenticity of the certificate. |
| NoCrls |
| This object determines how CRL checking is set for certificates retrieved during certificate enrollment. Possible Values: true(1), -- do not check for certificate revocation -- lists for this CA (no meaning for non-CA -- certificates) false(2), -- check for certificate revocation -- lists for this CA (no meaning for non-CA -- certificates) auto(3), -- check for crls only if there is a -- CRLDistributionPoint in the certificate inherit(4), -- inherit from superior ca in chain. Enumerations: - true (1)
- false (2)
- auto (3)
- inherit (4)
|