Download full document:

aaa certParams

The following operations can be performed on "aaa certParams":

set | unset | show

set aaa certParams

Modifies the global configuration settings for certificate policies. The settings that you specify are used for all SSL-VPN virtual servers unless you use authentication policies to create a configuration for a specific SSL-VPN virtual server.

Synopsys

set aaa certParams [-userNameField <string>] [-groupNameField <string>] [-defaultAuthenticationGroup <string>]

Arguments

userNameField

Client certificate field that contains the username, in the format <field>:<subfield>.

groupNameField

Client certificate field that specifies the group, in the format <field>:<subfield>.

defaultAuthenticationGroup

This is the default group that is chosen when the authentication succeeds in addition to extracted groups.

Maximum value: 64

Example

To configure the default certificate parameters: set aaa certparams -userNameField "Subject:CN" -groupNameField "Subject:OU"

unset aaa certParams

Use this command to remove aaa certParams settings.Refer to the set aaa certParams command for meanings of the arguments.

Synopsys

unset aaa certParams [-userNameField] [-groupNameField] [-defaultAuthenticationGroup]

show aaa certParams

Displays the current client certificate configuration on the NetScaler appliance.

Synopsys

show aaa certParams

Outputs

twoFactor

The state of the two-factor authentication.

userNameField

The field in the certificate from which the username will be extracted.

groupNameField

The field in the certificate from which the group will be extracted.

defaultAuthenticationGroup

This is the default group that is chosen when the authentication succeeds in addition to extracted groups.