Public Client Certificate File Name

When AM is configured to perform client certificate validation, set this property to the name of the file that contains the client certificate chain.

Agents using OpenSSL libraries must specify the certificate chain as a PEM file. For example: com.forgerock.agents.config.cert.file = /opt/certificates/pub_client.pem

Agents using the Windows built-in Secure Channel API must choose one of the following options:

  • Store the certificate chain and its private key as a Personal Information Exchange Format (PFX) file, then configure it in the agent property. You must also configure the Private Key Password property.

  • Store the certificate locally in the Windows certificate store and configure the friendly name of the client certificate as it shows in Windows, in the agent property.

Default: Empty

Property name

com.forgerock.agents.config.cert.file

Property aliases

com.forgerock.agents.config.cert.file (since 4.x)

Type

String

Bootstrap property

Yes

Required property

No

Restart required

No