Specifying the SSL certificate distinguished name (DN)

The CA root certificate that is stored in a WebSEAL key database file validates that a certificate received from the distributed session cache is authentic. By additionally checking the DN value in the certificate, you can ensure that the server certificate received by WebSEAL from the distributed session cache is the expected certificate.

About this task

To specify the accepted certificate DN values, use the ssl-valid-server-dn stanza entry in the [dsess-cluster] stanza of the WebSEAL configuration file.

Example

[dsess-cluster]
ssl-valid-server-dn = DN-value