SSL Authorization Parameters

You can specify the SSL authorization parameters in the SSLAuth.cfg file, which is located in the $CFROOT/config/ directory.

Note: You must define the parameters in uppercase.

The following table lists SSL authorization parameters to configure the SSLAuth.cfg file:

Parameter Description
/CN Defines the common name defined in a certificate. This is usually the name of the person who requests the certificate.

Generic entries are supported.

/OU Defines the organization unit defined in a certificate. This is also known as the department.

Generic entries are supported.

/O Defines the organization defined in a certificate. This is also known as the company.

Generic entries are supported.

/L Defines the locality defined in a certificate. This is also known as the city.

Generic entries are supported.

/ST Defines the state/province defined in a certificate.

Generic entries are supported.

/C Defines the country defined in a certificate.

Generic entries are supported.

/SN Defines the serial number defined in a certificate.

Generic entries are not supported.

/SDATE Defines the start date for a certificate in the format: ccyymmdd.

The start date is compared against the date that the transfer request is received.

  • If the start date is before the current date, then authorization file checking turns to the next parameter.
  • If the start date is after the current date, then the transfer request is terminated, and an error is sent to the remote system.

Generic entries are not supported.

/STIME Defines the start time for a certificate in the format: hhmm.

The start time is compared against the time that the transfer request is received. This parameter is used in conjunction with the SDATE parameter.

  • If the start time is before the current date, then authorization file checking turns to the next parameter.
  • If the start time is after the current date, then the transfer request is terminated, and an error is sent to the remote system.

Generic entries are not supported.

/EDATE Defines the end date for a certificate in the format: ccyymmdd.

The end date is compared against the date that the transfer request is received.

  • If the end date is after the current date, then authorization file checking turns to the next parameter.
  • If the end date is before the current date, then the transfer request is terminated, and an error is sent to the remote system.

Generic entries are not supported.

/ETIME Defines the end time for a certificate in the format: hhmm.

The end time is compared against the time that the transfer request is received. This parameter is used in conjunction with the EDATE parameter.

  • If the end time is after the current date, then authorization file checking turns to the next parameter.
  • If the end time is before the current date, then the transfer request is terminated, and an error is sent to the remote system.

Generic entries are not supported.

/USER

When defined, the user associated with the SSLAUTH entry is saved and replaces the user ID and password sent by the client. This parameter allows authentication without requiring a user ID and password. /USER=root is not allowed.