Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The <CAURI> complex type is used to define the URI for a certificate authority, which includes specifying the supported authentication type, the URI, and a relative priority.
-
<xs:complexType name="CAURI"> <xs:sequence> <xs:element name="clientAuthentication" type="xs:unsignedInt" /> <xs:element name="uri" type="xs:anyURI" /> <xs:element name="priority" type="xs:unsignedInt" nillable="true" /> <xs:element name="renewalOnly" type ="xs:boolean" nillable="true" /> <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType>
clientAuthentication: The <clientAuthentication> element is used to define the supported authentication type for the <uri> element of this CAURI object. The <clientAuthentication> element is an unsigned integer that MUST have one of the following values.
-
Integer value
Meaning
1
Anonymous Authentication
2
Transport Kerberos Authentication
4
Message Username and Password Authentication
8
Message X.509 Certificate Authentication
uri: The <uri> element is used to store a Uniform Resource Identifier (URI) entry for a CA (section 3.1.4.1.3.2) object.
priority: The <priority> element is an integer value that represents the priority value for the URI. The <priority> element value is used as a relative indicator against other CAURI objects. The lower the integer value, the higher the priority. Two CAURI objects have the same priority if the integer values of each <priority> element are the same. A CAURI object is considered to have a lower priority if the <priority> element integer value is more than the integer value of the <priority> element of an alternate CAURI object.
renewalOnly: The <renewalOnly> element is an xs:boolean value that identifies whether the corresponding CAURI object can accept all types of requests, or only renewal requests. If the value is true, the server that is addressed by the CAURI object only accepts renewal requests. If the value is false, other request types are supported.