The Certificate-Mapping API consists of data structures and functions used to manage certificate mapping.
When a user authenticates to a Sun Java System server by sending a client certificate to the server, the server uses information in the certificate to search the user directory for the entry of the user.
You can configure some parts of this process by editing the file certmap.conf. This file specifies the following:
How the server searches the directory for the entry of the user.
Whether the server goes through an additional step of verifying that the user’s certificate matches the certificate presented to the server.
For more information about certmap.conf, see the Sun Java System Web Server 6.1 SP9 Administrator’s Configuration File Reference.
You can also modify this process programmatically. Sun Java System servers include a set of API functions (referred to here as the Certificate-Mapping API functions) that allow you to control this process. You can write your own functions to customize how certificate subject entries are found in the directory.
To use this API, you must have a copy of the Directory SDK. You can download a copy of this SDK from the following location:
http://developers.sun.com/index.html
For information about using the Certificate-Mapping API, see the Certificate-Mapping Programmer's Guide (http://developer.netscape.com/docs/manuals/certificate/contents.htm).