Previous Topic: How SiteMinder Establishes an SSL Connection for Certificates

Next Topic: X.509 Client Certificate Scheme Prerequisites

How SiteMinder Identifies Users Based on Certificates

Once SiteMinder establishes an SSL connection between the SSL certificate server and the user, the SiteMinder Web Agent collects the user's certificate information and passes it to the Policy Server for verification. The certificate is then mapped to a user DN in a directory. For LDAP directories, you can configure the Policy Server to verify that the same certificate is associated with the user DN in the directory and to check the appropriate Certificate Revocation List (CRL) to ensure the certificate has not been revoked. For WinNT directories you can configure the Policy Server to check CRLs.


Copyright © 2010 CA. All rights reserved. Email CA about this topic