|Applies To||Keon Certificate Authority 6.7|
|Issue||How can I make RCM reject a certificate request if the certificate validity period is different to the certificate validity period specified at the CA?|
Using the RCM API, calling XudaCASignCertificate to submit a CSR
If the certificate validity period in a CSR does not match the validity period defined by the Jurisdiction / Profile at the CA, then depending on the CA settings, the Certificate Validity Period will either be the one defined in the CSR, or the one defined at the CA.
It is not currently possible to have RCM reject the request if the validity periods do not match.
In order to achive this functionality, it would be possible to write a customer proxy that sits between the client and the RCM, and which would parse the request and decide whether to forward the request to the CA, or to reject the request
If you require such a proxy, one option would be to engage RSA Professional Services Organization to write one that exactly matches your needs.
|Legacy Article ID||a34158|