DIGTCERT profile names
The name of a DIGTCERT profile is derived from the certificate's serial number and the
issuer's distinguished name (IDN). Any character in either value that would not be valid in a RACF® profile name, such as a blank, is replaced with the
¢
character (X'4A').
The maximum length of a DIGTCERT profile name is 246 characters. The format of the profile name is based on the combined length of the certificate's serial number and the issuer's distinguished name (IDN), including the period.
serial-number.issuer's-distinguished-name
41D87A3B05DE6FBD466C2069661E3872
and
the issuer's distinguished name is OU=VeriSign Class1.O=VeriSign.L=Internet
,
the profile name of the DIGTCERT profile is as follows:41D87A3B05DE6FBD466C2069661E3872.OU=VeriSign¢Class1.O=VeriSign.L=Internet
serial-number.<first-portion-of-IDN><certificate-hash><last-portion-of-IDN>
Example: If the certificate's serial number is 0E
and
the issuer's distinguished name is as follows, the resulting profile
name is as shown:
CN=Entrust Certification Authority - L1B.OU=(c) 2008 Entrust,Inc
..OU=www.entrust.net/CPS is incorporated by reference.OU=CPS CON
TAINS IMPORTANT LIMITATIONS OF WARRANTIES AND LIABILITY.OU=AND A
DDITIONAL TERMS GOVERNING USE AND RELIANCE.OU=Entrust,Inc.C=US
0E.CN:Entrust Certification Authority - L1B.OU:(c) 2008 Entrust,
Inc..OU:www.entrust.net/CPS i de9f2c7fd25e1b3afad3e85a0bd17d9b10
0db4b32fd4e1c67a2d28fced849ee1 ES AND LIABILITY.OU:AND ADDITIONA
L TERMS GOVERNING USE AND RELIANCE.OU:Entrust,Inc.C:US
When a DIGTCERT profile name contains a certificate hash
value, each occurrence of the equal sign (=
) delimiter
is replaced with a colon (:
).