question on configuring x509 certificate authentication for DoD certs
724257Sep 24 2009 — edited Dec 8 2009Hi,
has anybody gotten OAM/ID Management to do DoD CAC certificate authentication? I am trying to figure out how to reference the components of my subject on my card. All of the examples I've seen reference certSubject.E for email but email is not a component of my subject. I have tried
obMappingFilter="(&(Objectclass=inetorgperson)(uid=%certSubject.DN%))"
to map the DN on my cert to to a user I created with a matching UID, but I keep getting
The Access Server may not be able to connect to the user directory, or the authentication scheme Cert Auth may have an invalid obMappingFilter parameter for its credential_mapping plugin.
It works for basic over LDAP and with the form I created so I know that the server is up.
Does anybody know how the cert_decode breaks down a DoD CAC? What does it call the elements I can use?
thanks.