Filter
Top Products
8-73
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8 Managing Users and Identity Stores
Configuring Certificate Authentication Profiles
To create, duplicate, or edit a certificate authentication profile:
Step 1 Select Users and Identity Stores > Certificate Authentication Profile.
The Certificate Authentication Profile page appears.
Step 2 Do one of the following:
• Click Create.
• Check the check box next to the certificate authentication profile that you want to duplicate, then
click Duplicate.
• Click the certificate authentication profile that you want to modify, or check the check box next to
the name and click Edit.
The Certificate Authentication Profile Properties page appears.
Step 3 Complete the fields in the Certificate Authentication Profile Properties page as described in Table 8-21:
Step 4 Click Submit.
The Certificate Authentication Profile page reappears.
Related Topics
• Viewing Identity Policies, page 10-21
• Configuring Identity Store Sequences, page 8-74
• Creating External LDAP Identity Stores, page 8-26
Table 8-21 Certificate Authentication Profile Properties Page
Option Description
General
Name Enter the name of the certificate authentication profile.
Description Enter a description of the certificate authentication profile.
Certificate Definition
Principal Username X509
Attribute
Available set of principal username attributes for x509 authentication. The selection includes:
• Common Name
• Subject Alternative Name
• Subject Serial Number
• Subject
• Subject Alternative Name - Other Name
• Subject Alternative Name - EMail
• Subject Alternative Name - DNS
Perform Binary Certificate
Comparison with
Certificate retrieved from
LDAP or Active Directory
Check this check box if you want to validate certificate information for authentication against a
selected LDAP or AD identity store.
If you select this option, you must enter the name of the LDAP or AD identity store, or click
Select to select the LDAP or AD identity store from the available list.