The default policy plug-ins shipped with Oracle Certificate Authority are generic. You may need to enhance the default policy framework to suit your organization by writing custom policy plug-ins. Application programming interfaces (APIs) are provided to get information about certificate requests, certificates, and other generic functions. Adding a policy is also referred to as registering a policy with Oracle Certificate Authority.
To add a custom policy:
Write a Java class that implements the OCACustomPolicyPlugin interface.
See the oracle.security.oca.policy package in the Javadoc provided with the other documentation for descriptions of the classes and methods provided in OCACustomPolicyPlugin.
See the Oracle Certificate Authority Administrator's Guide for information about writing a custom policy Java class
Package your custom policy Java class into a .jar file and place it in the following location, depending on your platform:
(UNIX) $ORACLE_HOME/oca/policy
(Windows) ORACLE_BASE\ORACLE_HOME\oca\policy
If the policy subdirectory does not exist, then create it.
To register your custom policy with Oracle Certificate Authority, log in to the administrative Web GUI.
On the main Policy page of the Configuration Management tab, select the Operation type for the custom policy you want to add and click Go. The Policy Rules page for that Operation appears.
On the Policy Rules page for the Operation type you selected, click Add, which is located on the rightmost side of the page. The Custom Policy Details page appears.
On the Custom Policy Details page, enter the information for your custom policy into the provided fields. The following describes the type of information each field requires:
Name: The name of your customer policy. For example, AuditCertDetails.
Description: A description of what your custom policy does.
Class: The name of the Java class that implements your custom policy. See Steps 1 and 2.
Check Enable this policy to activate the custom policy and click OK. A message appears confirming that a new policy has been added.
Check that the policy precedence is what you want for this policy. See Reordering Policy Precedence
Restart the Oracle Certificate Authority server for your custom policy to take effect. See Starting and Stopping Oracle Certificate Authority Server