How to Configure 'certmap.conf' for Certificate Based Client Authentication in Directory Server Enterprise Edition? (Doc ID 1279276.1)

Last updated on OCTOBER 11, 2016

Applies to:

Oracle Directory Server Enterprise Edition - Version 6.0 to 11.1.1.5.0 [Release 6.0 to 11gR1]
Oracle Directory Server Enterprise Edition - Version 11.1.1.7.0 to 11.1.1.7.0 [Release 11gR1]
Information in this document applies to any platform.
Checked for relevance on 21-Jan-2014

Goal

Directory Server Enterprise Edition (DSEE) allows LDAP clients to authenticate to the server using an SSL client certificate instead of the standard bind DN and password combination.  When a client provides its certificate to the server,  the server must map the information in that certificate to exactly one user entry in the directory. This mapping rules are configured in the configuration file
<server_instance>/alias/certmap.conf. This document details the certmap.conf format and available configuration options.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms