5-5
Cisco Secure Desktop Configuration Guide
OL-8607-02
Chapter 5 Setting Up CSD for Microsoft Windows Clients
Defining Location Criteria
Certificate Criteria
Check
Enable identification using certificate criteria
in the Identification for
<Location>
pane
(
Figure 5-2
) to specify values of a digital certificate on the remote client PC as a criterion for assigning
the properties of the location to the remote client.
Note
For information about setting up your server to work with client certificates, see the
“Frequently Asked
Questions” section on page A-1
.
Use one of the following instructions to examine the certificate Subject and Issuer fields to identify the
values to be completed in the “Issued By” and “Issued To” fields:
•
Using a Certificate File to Specify Certificate Criteria
•
Using a Signed File to Specify Certificate Criteria
•
Using the Certificates in Your Store to Specify Certificate Criteria
Using a Certificate File to Specify Certificate Criteria
To specify certificate criteria if you have a certificate file (for example, a *.cer or *.pfx file),
Step 1
Double-click the certificate.
The Certificate window opens.
Step 2
Click the
Details
tab.
Step 3
Complete both of the fields in the “Certificate Criteria” area of the Identification for
<Location>
pane
(
Figure 5-2
), as follows:
–
Issued By—
Click
Subject
in the Field column under the Details tab of the Certificate window.
The area below the Field column displays the subordinate fields and values assigned to the
Subject field of the certificate. The subordinate fields include such names as “CN” for common
name, “O” for organization unit name, and “E” for e-mail address. Type the value of one of these
subfields in the
Issued By
field on the Identification for
<Location>
pane to match it against
the Subject field of the certificate.
Note
Specify the value of the subfield. For example, type the value of the “O” field, not the “O” itself.
–
Issued To—
Click
Issuer
in the Field column under the Details tab of the Certificate window.
The area below the Field column displays the subordinate fields and values assigned to the
Issuer field of the certificate. The subordinate fields include such names as “CN” for common
name, “O” for organization unit name, and “E” for e-mail address. Type the value of one of these
subordinate fields in the
Issued To
field on the Identification for
<Location>
pane to match it
against the Issuer field of the certificate.