Configuring the SAN Attribute Policy Handler

1. Open the Custom Handlers tab of the Policy Module Configuration Properties and load the SAN The subject alternative name (SAN) is an extension to the X.509 specification that allows you to specify additional values when enrolling for a digital certificate. A variety of SAN formats are supported, with DNS name being the most common. Attribute Policy Handler as per Modifications to the Policy Module Configuration.
2. Highlight the SAN Attribute Policy Handler under Loaded Handlers and click Configure.
3. On the SAN Attribute Policy Handler dialog, select the templates under management by the SAN Attribute policy handler. The templates selected during initial installation will be displayed here when you first open the dialog. Certificate enrollments via CSR A CSR or certificate signing request is a block of encoded text that is submitted to a CA when enrolling for a certificate. When you generate a CSR within Keyfactor Command, the matching private key for it is stored in Keyfactor Command in encrypted format and will be married with the certificate once returned from the CA. from any source made using the templates selected here on the configured CA A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. will be allowed to submit SANs outside the CSR.

   

   Figure 411: Modify Templates for Management with the SAN Attribute Policy Handler