[Ejbca-develop] EJBCA and CSR Suggested Key Usages

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

EJBCA folks,

I am new to the world of CA's, so bear with me please.

Current Problem:
Microsoft CA has 4 registry keys that can be set to templates. Thus when a
CSR comes in, one of 4 possible templates is used. This level of
granularity does not suit me. Thus I am interested in using EJBCA for this
solution.
See:
http://social.technet.microsoft.com/wiki/contents/articles/9063.network-device-enrollment-service-ndes-in-active-directory-certificate-services-ad-cs.aspx

What I need to do:
Via some remote interface, like SCEP but doesn't have to be, upload a CSR
and have all the fields honored. For instance, a snippet of my CSR:

--- snippet from CSR dump with openssl ---
        Requested Extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage:
                TLS Web Client Authentication, scardLogin, Any Extended Key
Usage
            X509v3 Certificate Policies:
                Policy: 2.16.840.1.101.3.2.1.3.13

Is their a way to configure EJBCA for this support, and any doc links are
much appreciated. Thank you.

-- 
Respectfully,

William C Roberts