Certificate Criteria; Using A Certificate File To Specify Certificate Criteria; Using A Signed File To Specify Certificate Criteria; Using The Certificates In Your Store To Specify Certificate Criteria - Cisco 5520 - ASA IPS Edition Bundle Configuration Manual

Chapter 5 Setting Up CSD for Microsoft Windows Clients

Certificate Criteria

Check Enable identification using certificate criteria in the Identification for <Location> pane
(Figure
the properties of the location to the remote client.
For information about setting up your server to work with client certificates, see the
Note
Questions" section on page
Use one of the following instructions to examine the certificate Subject and Issuer fields to identify the
values to be completed in the "Issued By" and "Issued To" fields:
•
•
•

Using a Certificate File to Specify Certificate Criteria

To specify certificate criteria if you have a certificate file (for example, a *.cer or *.pfx file),
Double-click the certificate.
Step 1
The Certificate window opens.
Click the Details tab.
Step 2
Complete both of the fields in the "Certificate Criteria" area of the Identification for <Location> pane
Step 3
(Figure
Note
OL-8607-02
5-2) to specify values of a digital certificate on the remote client PC as a criterion for assigning
A-1.
Using a Certificate File to Specify Certificate Criteria

Using a Signed File to Specify Certificate Criteria

Using the Certificates in Your Store to Specify Certificate Criteria

5-2), as follows:
Issued By—Click Subject in the Field column under the Details tab of the Certificate window.
–
The area below the Field column displays the subordinate fields and values assigned to the
Subject field of the certificate. The subordinate fields include such names as "CN" for common
name, "O" for organization unit name, and "E" for e-mail address. Type the value of one of these
subfields in the Issued By field on the Identification for <Location> pane to match it against
the Subject field of the certificate.
Specify the value of the subfield. For example, type the value of the "O" field, not the "O" itself.
– Issued To—Click Issuer in the Field column under the Details tab of the Certificate window.
The area below the Field column displays the subordinate fields and values assigned to the
Issuer field of the certificate. The subordinate fields include such names as "CN" for common
name, "O" for organization unit name, and "E" for e-mail address. Type the value of one of these
subordinate fields in the Issued To field on the Identification for <Location> pane to match it
against the Issuer field of the certificate.
Defining Location Criteria
Cisco Secure Desktop Configuration Guide
"Frequently Asked
5-5