ssl-valid-server-dn

Edit online

Syntax

ssl-valid-server-dn = <DN-value>

Description

Specifies the distinguished name of the server, which is obtained from the server SSL certificate, that WebSEAL can accept.

Options

<DN-value>
The distinguished name of the server, which is obtained from the server SSL certificate, that WebSEAL accepts. If no value is specified, then WebSEAL considers all domain names valid. You can specify multiple domain names by including multiple ssl-valid-server-dn configuration entries.

Usage

This stanza entry is required if both of the following conditions are true:
  • One or more of the cluster server entries use SSL (that is, contains an HTTPS protocol specification in the URL).
  • A certificate is required other than the default certificate used by WebSEAL when communicating with the policy server.

Default value

None.

Example

ssl-valid-server-dn = CN=Verify Identity Access,OU=SecureWay,O=Tivoli,C=US