When running a Policy Server and enabling a Certificate Authentication Scheme, one might like to know:
Here are the answers:
(1)
How SiteMinder Uses Certificate Data to Identify Users
The Policy Server then performs certificate mapping. The goal of
certificate mapping is to locate a user by the Subject Name in the
user certificate.
First, the Policy Server looks up the appropriate certificate
mapping in the policy store. The Policy Server uses the
certificate Issuer DN to locate the mapping. The Issuer DN is part
of the certificate mapping configuration. After the Policy Server
finds the mapping, it takes the Subject Name from the certificate
and applies the mapping to find the user entry in the user
directory.
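The two-step lookup described above, sketched as an added example (not SiteMinder code): the mapping table layout, the filter template syntax and all DNs are constructed assumptions. The DN parser handles only single-character backslash escapes and single-valued RDNs.

```python
import re

# Constructed mapping table (hypothetical layout, not SiteMinder's policy store format):
# normalized Issuer DN -> (subject attribute to extract, directory search filter template)
MAPPINGS = {
    "cn=example issuing ca,o=example corp,c=us": ("CN", "(uid={value})"),
}

def parse_dn(dn):
    """Split a string DN into (ATTR, value) pairs, honoring backslash-escaped commas."""
    parts, buf, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            buf, i = buf + dn[i:i + 2], i + 2   # keep the escaped pair together
            continue
        if dn[i] == ",":
            parts.append(buf)
            buf = ""
        else:
            buf += dn[i]
        i += 1
    parts.append(buf)
    pairs = []
    for part in parts:
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr:
            raise ValueError("malformed RDN: %r" % part)
        pairs.append((attr.strip().upper(), re.sub(r"\\(.)", r"\1", value.strip())))
    return pairs

def normalize_dn(dn):
    """Case-fold and collapse whitespace so equivalent Issuer DNs hit the same mapping."""
    return ",".join(f"{a.lower()}={' '.join(v.lower().split())}" for a, v in parse_dn(dn))

def escape_filter(value):
    """Escape RFC 4515 special characters so certificate data stays a literal value."""
    return "".join(f"\\{ord(c):02x}" if c in "\\*()\x00" else c for c in value)

def build_user_filter(issuer_dn, subject_dn):
    """Step 1: find the mapping by Issuer DN. Step 2: apply it to the Subject Name."""
    mapping = MAPPINGS.get(normalize_dn(issuer_dn))
    if mapping is None:
        raise LookupError("no certificate mapping for this issuer")   # fail closed
    attr, template = mapping
    values = [v for a, v in parse_dn(subject_dn) if a == attr]
    if len(values) != 1:
        raise LookupError("subject must contain exactly one %s" % attr)
    return template.format(value=escape_filter(values[0]))
```

A certificate from an issuer with no mapping, or a subject that lacks the mapped attribute or carries it more than once, raises `LookupError` instead of producing a search filter.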
(2)
Digital Signing and Private Key Algorithms
SiteMinder uses the following algorithms for Private Key
generation (Certificate/Keys):
Key Algorithm: RSA
Sign Algorithms: MD5withRSA, SHA1withRSA, SHA256withRSA, and SHA512withRSA
Additional algorithms supported from Release 12.8.05: RSASSA-PSS