3.1.2.4.2.2 Certificate Template Processing Rules

  • Article

The client MUST follow the rules identified in this section to create a request based on the abstract data model specified in section 3.1.2.1.

  • Clients MUST adhere to the following rules based on the existence or value of the Certificate.Template.msPKI-Template-Schema-Version datum:

    • If the Certificate.Template.msPKI-Template-Schema-Version datum was not set by the caller, or if the datum has a value of 1, the client MUST adhere to the processing rules as specified in section 3.1.2.4.2.2.1.1.

    • If the value of the Certificate.Template.msPKI-Template-Schema-Version datum is 2, 3, or 4, the client SHOULD adhere to the processing rules as specified in sections 3.1.2.4.2.2.1.1 and 3.1.2.4.2.2.1.2.<41>

  • The client MUST ignore attributes and flags of a certificate template that are not specified in the following sections.