source: branches/irods-mockup/certs/NAREGI.signing_policy @ 197

Revision 197, 1.4 KB checked in by mmamonski, 11 years ago (diff)

certs in main dir - used by make linux dist

Line 
1# ca-signing-policy.conf, see ca-signing-policy.doc for more information
2#
3# This is the configuration file describing the policy for what CAs are
4# allowed to sign whoses certificates.
5#
6# This file is parsed from start to finish with a given CA and subject
7# name.
8# subject names may include the following wildcard characters:
9#    *    Matches any number of characters.
10#    ?    Matches any single character.
11#
12# CA names must be specified (no wildcards). Names containing whitespaces
13# must be included in single quotes, e.g. 'Certification Authority'.
14# Names must not contain new line symbols.
15# The value of condition attribute is represented as a set of regular
16# expressions. Each regular expression must be included in double quotes. 
17#
18# This policy file dictates the following policy:
19#   -The Globus CA can sign Globus certificates
20#
21# Format:
22#------------------------------------------------------------------------
23#  token type  | def.authority |                value             
24#--------------|---------------|-----------------------------------------
25# EACL entry #1|
26
27 access_id_CA      X509         '/C=JP/O=National Research Grid Initiative/OU=CGRD/CN=NAREGI CA'
28
29 pos_rights        globus        CA:sign
30
31 cond_subjects     globus       '"/C=JP/O=National Research Grid Initiative/OU=CGRD/*" "/C=JP/O=National Research Grid Initiative/OU=NII/*"'
32# end of EACL
33
Note: See TracBrowser for help on using the repository browser.