Management & Control Services Help Management & Control Services Help

Security Services Client Certificates Page

Use the options on the Security Services Client Certificates page to set options for specifying a CA certificate and mapping client certificates to user names from your directory services.

Trusted Certificate Authorities: Displays a list of trusted certificate authorities contained in your CA certificate file.

Add: Display a dialog box from which you can select a CA certificate file name. You need to install the CA certificate for your client certificate on the MCS server.

Remove: Remove the selected certificate authority from the list.

Mapping of Certificate to MCS User: Use the Mapping options to map client certificates to user names. The user name looked up in the directory service is the result of applying the specified mapping options to a field in the client certificate. Only the Field option is required.

Field: Select the field in the distinguished name (DN) of your client certificate that should be used to obtain the user name.

From: (optional) When the specified character is found, it is replaced with the character under To.

To: (optional) Specify the character to substitute for the character found under From.

Use the From and To options to make character substitutions and truncation if you need to remove special characters that are not allowed in the online directory.

For example, specifying From=. and To=- will change all periods to dashes in the text before performing the directory lookup. Multiple substitutions are also supported. For example, if you specify From=./ and To=-_, then every period is replaced with a dash and every slash is replaced with an underscore.

In addition, certain characters can be specified as truncation characters. For example, the domain name of an e-mail address can be truncated by From=@ and To=. When the From character does not have a corresponding To character, the From character is treated as a truncator. The two operations can be combined, for example, mapFrom=.@ and mapTo=-.

Prefix: (optional) Specify the text to add to the beginning of the user name after the From/To replacement has been made.

Suffix: (optional) Specify the text to add to the end of the user name after the From/To replacement has been made.

Example DN: Displays an example of the standard fields in a distinguished name (DN).

MCS User: Displays the result of applying the specified mapping options to the selected field in the example DN.

Save: Save your changes.

Bullet Overview of Security Services
Bullet Configuring Security Services
Bullet Overview of Certificates
Bullet Obtaining and Installing Certificates
Bullet Configuring the Directory Service