5-6
Cisco Secure Desktop Configuration Guide
OL-8607-02
Chapter 5 Setting Up CSD for Microsoft Windows Clients
Defining Location Criteria
CSD assigns the location to the client only if it has a certificate that contains
both
of the following, and
only if it matches at least one criterion in each of the completed areas in the Identification for
<Location>
pane:
•
Value in the Subject field that matches the value you specified in the “Issued By” field
•
Value in the Issuer field that matches the value you specified in the “Issued To” field
Using a Signed File to Specify Certificate Criteria
To specify certificate criteria if you have a signed file (that is, the file is not a certificate file, but contains
a certificate):
Step 1
Right click the file and choose
Properties
.
The Properties window opens.
Step 2
Click the
Digital Signatures
tab (which appears only if the file is signed).
Step 3
Click
Details
.
Step 4
Click
View Certificate
.
The Certificate window opens.
Step 5
Click the
Details
tab.
Step 6
Complete both of the fields in the “Certificate Criteria” area of the Identification for
<Location>
pane
(
Figure 5-2
), as follows:
–
Issued By—
Click
Subject
in the Field column under the Details tab of the Certificate window.
The area below the Field column displays the subordinate fields and values assigned to the
Subject field of the certificate. The subordinate fields include such names as “CN” for common
name, “O” for organization unit name, and “E” for e-mail address. Type the value of one of these
subfields in the
Issued By
field on the Identification for
<Location>
pane to match it against
the Subject field of the certificate.
Note
Specify the value of the subfield. For example, type the value of the “O” field, not the “O” itself.
–
Issued To—
Click
Issuer
in the Field column under the Details tab of the Certificate window.
The area below the Field column displays the subordinate fields and values assigned to the
Issuer field of the certificate. The subordinate fields include such names as “CN” for common
name, “O” for organization unit name, and “E” for e-mail address. Type the value of one of these
subordinate fields in the
Issued To
field on the Identification for
<Location>
pane to match it
against the Issuer field of the certificate.
CSD assigns the location to the client only if it has a certificate that contains
both
of the following, and
only if it matches at least one criterion in each of the completed areas in the Identification for
<Location>
pane:
•
Value in the Subject field that matches the value you specified in the “Issued By” field
•
Value in the Issuer field that matches the value you specified in the “Issued To” field