Examples: SSL Authorization
A system administrator can determine whether to accept or reject certificates by personalizing SSL authorization. For example, you can set the SSL authorization parameters and the ACCEPT and REVOKE|REJECT statements in the SSLAuth.cfg file to use this feature.
- To accept all certificates defined with the organization (/O) of
OrgA, and the organization unit (/OU) of
Marketing, and reject all other certificates, set the following in the
SSLAuth.cfg file:
Accept /OU=Marketing/O=OrgA revoke
- To reject any certificates with the serial number (/SN) of
987654 or
123456, but accept all other certificates, set the following in the
SSLAuth.cfg file:
revoke /SN=987654 revoke /SN=123456 Accept
- To accept all certificates defined with the organization (/O) of
ACME, and the organization unit (/OU) started with
ACCT, but reject all other certificates, set the following in the
SSLAuth.cfg file:
Accept /OU=ACCT*/O=ACME revoke
- To accept all certificates matching the specification of the
/CN,
/L,
/ST,
/C,
/OU and
/O parameters, and the validation from December 1, 2008 to November 30, 2009, and to reject all other certificates, set the following in the
SSLAuth.cfg file:
Accept /CN=Joe*, /L=New York, /ST=NY, /C=US, /OU=Dept1, /O=ACME, /SDATE=20081201, /EDATE=200911300 revoke
Copyright © Cloud Software Group, Inc. All rights reserved.