AuthInfoAccessExt Plug-in Module140 Netscape Certificate Management System Plug-Ins Guide • March 2002AuthInfoAccessExt RuleThe rule named AuthInfoAccessExt is an instance of the AuthInfoAccessExtmodule. Certificate Management System automatically creates this rule duringinstallation. By default, the rule is configured as follows:• The rule is disabled.• The predicate expression (predicate=HTTP_PARAMS.certType==client)ensures that the policy is to be applied to client certificate requests processedby the server.• The extension is marked noncritical (to comply with the PKIXrecommendation).• The total number of access locations to be contained or allowed in theextension is set to 1 (numADs=1).• The access method for retrieving additional information about the CA that hasissued the certificate in which the extension appears is set to OCSP(ad0_method=ocsp).• The general-name type for the location that contains additional informationabout the CA that has issued the certificate in which the extension appears isset to URL (ad0_location_type=URL).• The address or location to get additional information about the CA that hasissued the certificate in which this extension appears is left blank for you toenter the URL at which the OCSP responder will service requests fromOCSP-compliant clients.Note that if you installed the Certificate Manager with it’s built-in OCSP serviceenabled, the policy rule will be enabled and the address location (ad0_location=)will be pointed to the Certificate Manager’s nonSSL end-entity port. For example, ifthe nonSSL end-entity port of your Certificate Manager is 80, the URL would looklike this: http://ocspResponder.example.com:80/ocspFor details on individual parameters defined in the rule, see Table 4-2 on page 135.You need to review this rule and make the changes appropriate for your PKI setup.For instructions, see section “Step 2. Modify Existing Policy Rules” in Chapter 18,“Setting Up Policies” of CMS Installation and Setup Guide. For instructions onadding additional instances, see section “Step 4. Add New Policy Rules” in thesame chapter.