3.3.x. LDAP Entry
[DOCUMENT TOP] /
[TESTCASE MANAGER]
The 'LDAP entry' is almost same with a part of LDIF file
for a distinguished name.
However, the only difference is the dynamic representation
of binary value for certificates, CRLs and cross certificate pairs.
- certificate
-
If the entry contains the string ":< db_cert_#CERTID",
it will be replaced by BASE64 encoded certificate
which has the number "#CERTID" as ID number.
userCertificate;binary:< db_cert_#CERTID
cACertificate;binary:< db_cert_#CERTID
- CRL
-
If the entry contains the string ":< db_crl_#CRLID",
it will be replaced by BASE 64 encoded CRL which has the number
"#CRLID" as ID number.
authorityRevocationList;binary:< db_crl_#CRLID
certificateRevocationList;binary:< db_crl_#CRLID
- cross certificate pair
-
If the entry containts the string ":< db_ccp_#CCPID",
it will be replaced by BASE64 encoded cross certificate pair
which has the number "#CCPID" as ID number.
There is another dynamic represention for a cross certificate pair.
That is ":< db_certs_#ISSUEDTOCERTID_#ISSUEDBYCERTID".
One of "#ISSUEDTOCERTID" or "#ISSUEDBYCERTID" may be omitted.
crossCertificatePair;binary:< db_ccp_#CCPID
crossCertificatePair;binary:< db_certs_#ISSUEDTOCERTID_#ISSUEDBYCERTID".
3.3.x.1. Using template.
You can input any attribute type and atribute value as a part of LDIF file
in 'Entry' field of 'LDAP Entry' editor.
To help input to 'Entry' field, you can use template by
clicking marked links as below.
Provied templates are following.
- C - countryName
- O - organizationName
- OU - organizationalUnitName
- CN - commonName
- Ref - referral
- +pkiCA
- +pkiUser
JNSA/IPA Challenge PKI Test Suite