Policy Server Guides › Policy Server Configuration Guide › SiteMinder Test Tool › Certificate-based Authentication Tests › Custom Attribute Mappings for Testing › Create Custom Certificate Mappings

Create Custom Certificate Mappings

You can use the Policy Server's certificate mapping feature to provide custom mappings for certificates.

Note: The following procedure assumes you are creating a new object. You can also copy the properties of an existing object to create an object. More information exists in Duplicate Policy Server Objects.

To create and use a custom attribute in a certificate mapping

1. Click Infrastructure, Directory.
2. Click Certification Mapping, Create Certificate Mapping.

   The Create Certificate Mapping pane opens.

3. Verify that Create a new object is selected, and click OK.

   Certificate mapping settings open.

   Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

4. Enter the full issuer DN in the Issuer DN field.
5. Select the Custom radio button in the Mapping group box.

   The Mapping Expressions field opens.

6. Enter a custom mapping expression.

   This notation is used to specify two different attributes that are acceptable for a certificate mapping.

   • For Email:

     %{E/Email}

   • For ST:

     %{S/ST}

   • For User Id:

     %{UID/UserID}

   Note: More information about custom mapping expressions exists in Certificate Attributes that Require Custom Mappings.

7. Click Submit.

   The custom mapping is saved. The Policy Server now handles requests from both Web Servers and the Test tool where the Email attribute is represented differently in the issuer DN. You can use this process for any of the other attributes mentioned in Certificate Attributes that Require Custom Mappings.