certmap.conf
The certmap.conf file configures how a certificate,
designated by name, is mapped to an LDAP entry,
designated by issuerDN.
Location
<install-root>/bin/https/install/misc
<install-root>/userdb
Syntax
certmap name issuerDNname:property1 [value1]
name:property2 [value2]
...
The default certificate is named default, and the
default issuerDN is also named default.
Therefore, the first certmap defined in the file must be
as follows:
certmap default default
Use # at the beginning of a line to indicate a comment.
See Also
Sun Java System Web Proxy Server 4.0.11 Administration Guide
The following table describes properties in the certmap.conf file.
The left column lists the property names. The second column from the left
lists allowed values. The third column from the left lists default values.
The right column lists property descriptions.
Table 7–1
certmap.conf Properties
Attribute
|
Allowed Values
|
Default Value
|
Description
|
DNComps
|
See Description
|
Commented out
|
Used to form the base DN for performing an LDAP search while mapping
the certificate to a user entry. Values are as follows:
-
Commented out: takes the user’s DN from the certificate
as is.
-
Empty: searches the entire LDAP tree (DN == suffix).
-
Comma-separated attributes: forms the DN.
|
FilterComps
|
See Description
|
Commented out
|
Used to form the filter for performing an LDAP search while mapping
the certificate to a user entry. Values are as follows:
|
verifycert
|
on or off
|
off (commented out)
|
Specifies whether certificates are verified.
|
CmapLdapAttr
|
LDAP attribute name
|
certSubjectDN (commented out)
|
Specifies the name of the attribute in the LDAP database that contains
the DN of the certificate.
|
library
|
Path to shared lib or dll
|
None
|
Specifies the library path for custom certificate mapping code.
|
InitFn
|
Name of initialization function
|
None
|
Specifies the initialization function in the certificate mapping code
referenced by library.
|