000023418 - How can I make RCM reject a certificate request if the certificate validity period is different ?

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000023418
Applies ToKeon Certificate Authority 6.7
IssueHow can I make RCM reject a certificate request if the certificate validity period is different to the certificate validity period specified at the CA?
Using the RCM API, calling XudaCASignCertificate to submit a CSR
 If the certificate validity period in a CSR does not match the validity period defined by the Jurisdiction / Profile at the CA, then depending on the CA settings, the Certificate Validity Period will either be the one defined in the CSR, or the one defined at the CA.  
It is not currently possible to have RCM reject the request if the validity periods do not match.

In order to achive this functionality, it would be possible to write a customer proxy that sits between the client and the RCM, and which would parse the request and decide whether to forward the request to the CA, or to reject the request
If you require such a proxy, one option would be to engage RSA Professional Services Organization to write one that exactly matches your needs.
Legacy Article IDa34158

Attachments

    Outcomes