Table of Contents
Advertisement
The
file is stored in the
certmap.conf
file contains a default mapping as well as mappings for specific CAs.
The default mapping specifies what the server should do if a client certificate was
issued by a CA that isn't listed in
specify what the server should do for client certificates issued by those CAs. All
mappings define the following:
•
Where in the directory the server should begin its search
•
What certificate attributes the server should use as search criteria
•
Whether the server should verify the certificate with one that is stored in the
directory
Mappings have the following syntax:
certmap name issuerDN
name:property [value]
name:property [value]
...
The first line of a mapping specifies the mapping's name as well as the DN for the
issuer of the client certificate. You can name a mapping whatever you want, but the
must exactly match the issuer DN of the CA that issued the client
issuerDN
certificate. For example, the following two
number of spaces they contain, but the server would treat these two entries as
different:
certmap moz ou=Netscape CA,o=Netscape,c=US
certmap moz ou=Netscape CA, o=Netscape, c=US
The second and subsequent lines of a mapping identify the rules that the server
should use when searching the directory for information extracted from a
certificate. These rules are specified through the use of one or more of the following
properties:
,
DNComps
. These properties are explained next.
InitFn
DNComps
is a comma-separated list of relative distinguished name (RDN) keywords
DNComps
used to determine where in the user directory the server should start searching for
entries that match the information for the owner of the client certificate. The server
gathers values for these keywords from the client certificate and uses the values to
form a DN, which determines where the server starts its search in the directory.
<server_root>/shared/config
certmap.conf
,
FilterComps
VerifyCert
Chapter 10
Using Client Authentication
. The mappings for specific CAs
lines differ only in the
issuerDN
,
CmapLdapAttr
Using SSL and TLS with Netscape Servers
folder. The
,
, and
Library
199
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE CONSOLE 6.0 - MANAGING SERVERS
Related Products for Netscape NETSCAPE CONSOLE 6.0 - MANAGING SERVERS
- Netscape NETSCAPE DIRECTORY SERVER 6.01
- Netscape NETSCAPE DIRECTORY SERVER 6.02
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - GATEWAY CUSTOMIZATION
- Netscape NETSCAPE ENTERPRISE SERVER 6.0 - NSAPI PROGRAMMER GUIDE
- Netscape NETSCAPE ENTERPRISE SERVER 6.1 - NSAPI PROGRAMMER GUIDE
- Netscape NETSCAPE ENTREPRISE SERVER 6.1 - 04-2002 ADMINISTRATOR
- Netscape NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE