Table of Contents
Advertisement
Mappers
LdapDNExactMap
The
LdapDNExactMap
Manager to map a certificate to an LDAP directory entry by searching for the
LDAP entry DN that matches the certificate subject name. Note that to be able to
use this mapper, each certificate subject name must exactly match a DN in a
directory entry. For example, assume the certificate subject name is this:
O=Example Corporation, C=US
When searching the directory for the entry, the Certificate Manager only searches
for an entry whose DN is this:
If no matching entries are found, the server returns an error and does not publish
the certificate.
This mapper does not require you to specify any values for any parameters because
it obtains all values from the certificate.
LdapSimpleMap
The
LdapSimpleMap
Manager to map a certificate to an LDAP directory entry by deriving the entry's
DN from components specified in the certificate request, certificate's subject name,
certificate extension, and attribute variable assertion (AVA) constants. For more
information on AVAs, see the directory documentation.
By default, the Certificate Manager uses mapper rules that are based on the simple
mapper. During installation, the Certificate Manager automatically creates an
instance of the simple mapper module. The instance is named
You can use the default mapper to map various types of end-entity certificates the
server will issue to their corresponding directory entries.
Configuration Parameters of LdapSimpleMap
The simple mapper requires you to specify just one parameter, which is named
dnPattern
An AVA can be a variable, such as
O=Example Corporation
form the DN pattern.
Example 1:
Example 2:
Example 3: uid=
E=$ext.SubjectAlternativeName.RFC822Name,ou=$subj.ou
640
Netscape Certificate Management System Administrator's Guide • February 2003
plug-in module enables you to configure a Certificate
UID=jdoe, O=Example Corporation, C=US
plug-in module enables you to configure a Certificate
. The value of
dnPattern
. The examples below illustrate how you can use AVAs to
uid=CertMgr, o=Example Corporation
CN=$subj.cn,OU=$subj.ou,O=$subj.o,C=US
$req.HTTP_PARAMS.uid,
can be a list of AVAs separated by commas.
, or a constant, such as
UID=$subj.UID
UID=jdoe,
.
LdapUserCertMap
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN