ssl-valid-server-dn

ssl-valid-server-dn = <DN-value>

Description

Specifies the distinguished name of the server (obtained from the server SSL certificate) that WebSEAL can accept.

Options

<DN-value>

The distinguished name of the server (obtained from the server SSL certificate) that WebSEAL accepts. If no value is specified, then WebSEAL considers all domain names valid. We can specify multiple domain names by including multiple ssl-valid-server-dn configuration entries.

Usage: This stanza entry is required if both of the following conditions are true:

• One or more of the cluster server entries use SSL. That is, at least one server entry specifies a URL that uses the HTTPS protocol.
• A certificate is required other than the default certificate used by WebSEAL when communicating with the policy server.

Default: None.

Example:

ssl-valid-server-dn = CN=Verify Access,OU=SecureWay,O=Tivoli,C=US

Parent topic: [rtss-cluster:<cluster>] stanza