Cisco 5520 - ASA IPS Edition Bundle Configuration Manual page 44

Defining Location Criteria
CSD assigns the location to the client only if it has a certificate that contains both of the following, and
only if it matches at least one criterion in each of the completed areas in the Identification for
<Location> pane:
•
•
Using a Signed File to Specify Certificate Criteria
To specify certificate criteria if you have a signed file (that is, the file is not a certificate file, but contains
a certificate):
Step 1 Right click the file and choose Properties.
The Properties window opens.
Click the Digital Signatures tab (which appears only if the file is signed).
Step 2
Click Details.
Step 3
Click View Certificate.
Step 4
The Certificate window opens.
Click the Details tab.
Step 5
Complete both of the fields in the "Certificate Criteria" area of the Identification for <Location> pane
Step 6
(Figure
Note
CSD assigns the location to the client only if it has a certificate that contains both of the following, and
only if it matches at least one criterion in each of the completed areas in the Identification for
<Location> pane:
•
•
Cisco Secure Desktop Configuration Guide
5-6
Value in the Subject field that matches the value you specified in the "Issued By" field
Value in the Issuer field that matches the value you specified in the "Issued To" field
5-2), as follows:
Issued By—Click Subject in the Field column under the Details tab of the Certificate window.
–
The area below the Field column displays the subordinate fields and values assigned to the
Subject field of the certificate. The subordinate fields include such names as "CN" for common
name, "O" for organization unit name, and "E" for e-mail address. Type the value of one of these
subfields in the Issued By field on the Identification for <Location> pane to match it against
the Subject field of the certificate.
Specify the value of the subfield. For example, type the value of the "O" field, not the "O" itself.
Issued To—Click Issuer in the Field column under the Details tab of the Certificate window.
–
The area below the Field column displays the subordinate fields and values assigned to the
Issuer field of the certificate. The subordinate fields include such names as "CN" for common
name, "O" for organization unit name, and "E" for e-mail address. Type the value of one of these
subordinate fields in the Issued To field on the Identification for <Location> pane to match it
against the Issuer field of the certificate.
Value in the Subject field that matches the value you specified in the "Issued By" field
Value in the Issuer field that matches the value you specified in the "Issued To" field
Chapter 5 Setting Up CSD for Microsoft Windows Clients
OL-8607-02