certmap.conf
Purpose
Configures how a certificate, designated by name,
is mapped to an LDAP entry, designated by issuerDN.
Location
server_root/bin/https/install/misc
server_root/userdb
Syntax
certmap name issuerDNname:property1 [value1]
name:property2 [value2]
...
The default certificate is named default, and the
default issuerDN is also named default.
Therefore, the first certmap defined in the file must be as follows:
certmap default default
You can use # at the beginning of a line to indicate a comment.
See Also
Sun Java System Web Server 6.1 SP11 Administrator’s Guide
The following table describes properties in the certmap.conf file.
The left column lists the property names. The second column from the left
lists allowed values. The third column from the left lists default values.
The right column lists property descriptions.
Table 6–1 certmap.conf Properties
|
Attribute
|
Allowed Values
|
Default Value
|
Description
|
|
DNComps
|
See Description
|
Commented out
|
Used to form the base DN for performing an LDAP search while mapping
the certificate to a user entry. Values are as follows:
-
Commented out: takes the user's DN from the certificate as
is.
-
Empty: searches the entire LDAP tree (DN == suffix).
-
Comma-separated attributes: forms the DN.
|
|
FilterComps
|
See Description
|
Commented out
|
Used to form the filter for performing an LDAP search while mapping
the certificate to a user entry. Values are as follows:
|
|
verifycert
|
on or off
|
off (commented out)
|
Specifies whether certificates are verified.
|
|
CmapLdapAttr
|
LDAP attribute name
|
certSubjectDN (commented out)
|
Specifies the name of the attribute in the LDAP database that contains
the DN of the certificate.
|
|
library
|
Path to shared lib or dll
|
None
|
Specifies the library path for custom certificate mapping code.
|
|
InitFn
|
Name of initialization function
|
None
|
Specifies the initialization function in the certificate mapping code
referenced by library.
|
