The Fingerprint Certificate Mapper maps client certificates to user entries by looking for the MD5 or SHA1 fingerprint in a specified attribute of user entries.
The Fingerprint Certificate Mapper object inherits from Certificate Mapper.
Use the --advanced
option to access advanced properties.
Basic Properties
Advanced Properties
Synopsis | Indicates whether the Certificate Mapper is enabled. |
Default Value | None |
Allowed Values | true false |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Specifies the name of the digest algorithm to compute the fingerprint of client certificates. |
Default Value | None |
Allowed Values | md5: Use the MD5 digest algorithm to compute certificate fingerprints. sha1: Use the SHA-1 digest algorithm to compute certificate fingerprints. |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Specifies the attribute in which to look for the fingerprint. |
Description | Values of the fingerprint attribute should exactly match the MD5 or SHA1 representation of the certificate fingerprint. |
Default Value | None |
Allowed Values | The name of an attribute type defined in the LDAP schema. |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Specifies the set of base DNs below which to search for users. |
Description | The base DNs are used when performing searches to map the client certificates to a user entry. |
Default Value | The server performs the search in all public naming contexts. |
Allowed Values | A valid DN. |
Multi-valued | Yes |
Required | No |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Specifies the fully-qualified name of the Java class that provides the Fingerprint Certificate Mapper implementation. |
Default Value | org.opends.server.extensions.FingerprintCertificateMapper |
Allowed Values | A Java class that extends or implements: org.opends.server.api.CertificateMapper |
Multi-valued | No |
Required | Yes |
Admin Action Required | The object must be disabled and re-enabled for changes to take effect. |
Advanced | Yes |
Read-Only | No |