au-ssl-user-attribute

This command specifies that a component of the Distinguished Name (DN) is used for authentication.

Syntax

au-ssl-user-attribute component

Parameters

component
By default, when you have specified an authentication method of client-ssl (see au-method), the authenticated principal for a TLS user certificate is the distinguished name (DN) of the certificate subject in X.509 format, converted to lower case, and with any embedded whitespace removed. For example, the TLS certificate subject C=GB, ST=Hursley, L=Hursley, O=IBM, OU=MQ Appliance, CN=Jo Jo becomes the authenticated principal c=gb,st=hursley,l=hursley,o=ibm,ou=mqappliance,cn=jojo. You can, however, specify that any attribute of the DN is used instead. For example, you can set component to CN to specify that the common name portion of the full name is used. So, in the given DN example, jojo would be the user id.

Guidelines

The au-method command sets the authentication method for RBM. The selected method must be fully configured before invoking this command.