#numRequests: Total number of PKCS10 requests or CRMF requests. numRequests=1 #input: full path for the PKCS10 request or CRMF request, #the content must be in Base-64 encoded format #Multiple files are supported. They must be separated by space. input=DemoECpkcs10.b64 #output: full path for the CMC request in binary format output=DemoECpkcs10.cmc #nickname: nickname for agent certificate which will be used #to sign the CMC full request. tokenname=NHSM6000-OCS nickname=cfu pkcs10nfast admin pki-ca-ecc-08202012 2 #dbdir: directory for cert8.db, key3.db and secmod.db dbdir=./ #password: password for cert8.db which stores the agent #certificate password=xxxxx #format: request format, either pkcs10 or crmf format=pkcs10 #confirmCertAcceptance.enable: if true, then the request will #contain this control. Otherwise, false. confirmCertAcceptance.enable=true #confirmCertAcceptance.serial: The serial number for #confirmCertAcceptance control confirmCertAcceptance.serial=3 #confirmCertAcceptance.issuer: The issuer name for #confirmCertAcceptance control confirmCertAcceptance.issuer=cn=Certificate Manager,c=us #getCert.enable: if true, then the request will contain this #control. Otherwise, false. getCert.enable=true #getCert.serial: The serial number for getCert control getCert.serial=3 #getCert.issuer: The issuer name for getCert control getCert.issuer=cn=Certificate Manager,c=us #dataReturn.enable: if true, then the request will contain #this control. Otherwise, false. dataReturn.enable=true #dataReturn.data: data contained in the control. dataReturn.data=test #transactionMgt.enable: if true, then the request will contain #this control. Otherwise, false. transactionMgt.enable=true #transactionMgt.id: transaction identifier. Verisign recommend #transactionId to be MD5 hash of publicKey. transactionMgt.id= #senderNonce.enable: if true, then the request will contain this #control. Otherwise, false. senderNonce.enable=true #senderNonce.id: sender nonce senderNonce.id= #revRequest.enable: if true, then the request will contain this #control. Otherwise, false. revRequest.enable=false #revRequest.nickname: The nickname for the revoke certificate revRequest.nickname=newuser's 102504a ID #revRequest.issuer: The issuer name for the certificate being #revoked. revRequest.issuer=cn=Certificate Manager,c=us #revRequest.serial: The serial number for the certificate being #revoked. revRequest.serial=61 #revRequest.reason: The reason for revoking this certificate: # unspecified, keyCompromise, caCompromise, # affiliationChanged, superseded, cessationOfOperation, # certificateHold, removeFromCRL revRequest.reason=unspecified #revRequest.sharedSecret: The sharedSecret revRequest.sharedSecret= #revRequest.comment: The human readable comment revRequest.comment= #revRequest.invalidityDatePresent: if true, the current time will be the # invalidityDate. If false, no invalidityDate # is present. revRequest.invalidityDatePresent=false #identityProof.enable: if true, then the request will contain #this control. Otherwise, false. identityProof.enable=false #identityProof.sharedSecret: Shared Secret identityProof.sharedSecret=testing #popLinkWitness.enable: if true, then the request will contain #this control. Otherwise, false. #If you want to test this control, make sure to use CRMFPopClient # to generate the CRMF request which will include the #idPOPLinkWitness attribute in the controls section of the #CertRequest structure. popLinkWitness.enable=false #LraPopWitness.enable: if true, then the request will contain this #control. Otherwise, false. LraPopWitness.enable=false #LraPopWitness.bodyPartIDs: List of body part IDs #Each id is separated by space. LraPopWitness.bodyPartIDs=1