Sun OpenSSO Enterprise 8.0 Administration Guide


The Certificate authentication module requires a personal digital certificate (PDC) to identify and authenticate a user. The module can be configured to require a match between the user's PDC and a PDC stored in the configuration data store, as well as verification against a Certificate Revocation List. It can also require the use of the Online Certificate Status Protocol (OCSP) to determine the state of a certificate. Successful or failed authentication is dependent on whether or not the certificate is valid. The following information should be considered before using the Certificate authentication module.

For information on the Certificate authentication module attributes, see Certificate in Sun OpenSSO Enterprise 8.0 Administration Reference.