certmap.conf
The certmap.conf file configures how a certificate
is mapped to an LDAP entry designated by issuerDN.
The following table describes the certmap.conf file
properties.
Table 10–1  
certmap.conf Properties
| Attribute                           | Allowed Values                           | Default Value                           | Description                           | 
| 
DNComps
 | See description  | Commented out  | Used to form the base DN for performing an LDAP search while mapping
the certificate to a user entry. Values are as follows:  
Commented out – Takes the user's DN from the certificate
as is
Empty – Searches the entire LDAP tree (DN == suffix)
Comma-separated attributes – Forms the DN | 
| 
FilterComps
 | See description  | Commented out  | Used to form the filter for performing an LDAP search while mapping
the certificate to a user entry. Values are as follows:  | 
| 
verifycert
 | 
on or off
 | 
off (commented out) | Specifies whether certificates are verified.  | 
| 
CmapLdapAttr
 | Name of the LDAP attribute   | 
certSubjectDN (commented out) | Specifies the name of the attribute in the LDAP database that contains
the DN of the certificate.  | 
| 
library
 | Path to shared lib or dll
 | None  | Specifies the library path for custom certificate mapping code.  | 
| 
InitFn
 | Name of initialization function  | None  | Specifies the initialization function in the certificate mapping code
referenced by library. | 
 
Location
instance-dir/config
Syntax
certmap name issuerDNname:property1 [value1]
name:property2 [value2]
...
The default certificate is named default, and the
default issuerDN is also named default.
Therefore, the first certmap.conf defined in the file must
be as follows:
certmap default default
Use # at the beginning of a line to indicate a comment.
See Also
Oracle iPlanet Web Server 7.0.9 Administrator’s Guide