Merge pull request wso2#3125 from MatiRamone7/5.11.0
Two things to specify to make doc more clear
Showing 1 changed file with 16 additions and 7 deletions.
@@ -41,6 +41,8 @@ To create a sample certificate and create your own Certificate Authority to sign | |
- Organization Name (eg, company) [Internet Widgits Pty Ltd]: WSO2 | ||
- Organizational Unit Name (eg, section) [ ]: QA | ||
- Common Name (e.g. serverFQDN or YOUR name) [ ]: wso2is.com | ||
!!! note | ||
Note that the **CN** value has to be the same as the **user name** of the user that will try to log in in the future. | ||
- Email Address [ ]: [email protected] | ||
4. An OpenSSL CA requires new files and supporting directories. Therefore, create a new directory. | ||
|
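Review bot: The note added under the Common Name prompt says the **CN** must equal the user name of the user who will log in, but the sample answer on the line directly above it is still `wso2is.com`, which reads as a server FQDN rather than a user name. Either change the sample CN to an example user name or say explicitly that `wso2is.com` stands for the user name here; otherwise a reader who copies the sample may end up with a certificate whose CN matches no user. The note also sits between the Common Name and Email Address prompts, so it interrupts the list of prompts; consider moving it after the Email Address line. On wording, "Note that" is redundant inside `!!! note`, and "will try to log in in the future" could be "will log in with this certificate". It would also help to say that the requirement follows from `username= "CN"` in the authenticator configuration later on the page.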
@@ -264,13 +266,19 @@ For more information on CRL and OCSP certificate validation, see | |
3. `name` : This attribute identifies the authenticator that is configured as the second authentication step. | ||
4. `enable`: This attribute, when set to true makes the authenticator capable of being involved in the authentication process. | ||
``` toml | ||
[authentication.authenticator.x509_certificate.parameters] | ||
name ="x509CertificateAuthenticator" | ||
enable=true | ||
AuthenticationEndpoint="https://localhost:8443/x509-certificate-servlet" | ||
username= "CN" | ||
``` | ||
``` toml | ||
[authentication.authenticator.x509_certificate.parameters] | ||
name ="x509CertificateAuthenticator" | ||
enable=true | ||
AuthenticationEndpoint="https://localhost:8443/x509-certificate-servlet" | ||
username= "CN" | ||
``` | ||
5. If users from a secondary user store should be given access, add the following property under `[authentication.authenticator.x509_certificate.parameters]`: | ||
``` toml | ||
SearchAllUserStores = true | ||
``` | ||
!!! note | ||
When X509 authentication is configured as the second authentication | ||
|
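Review bot: New step 5 tells readers to set `SearchAllUserStores = true` but does not say how a certificate is resolved when the same user name exists in more than one user store, which matters because `username= "CN"` maps the certificate to a bare user name. Please state the lookup behaviour (or whether the CN is expected to carry the user store domain) and what happens when the property is omitted. The step is also numbered 5 directly after items 3 and 4, which describe the `name` and `enable` attributes, so it reads as one more attribute description; a sentence outside that list, or an entry describing the property in the same style as the others, would be clearer. Since the TOML block is touched anyway, the spacing in `name ="x509CertificateAuthenticator"`, `enable=true` and `username= "CN"` could be normalised to match `SearchAllUserStores = true`.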
@@ -325,6 +333,7 @@ retrieved certificate from the request. | |
below, e.g., select a mapped attribute for the claim that is | ||
supported by the underlying database type. | ||
![claim-for-certificate](../assets/img/learn/claim-for-certificate.png) | ||
**important**: the mapped attribute's name must be "**userCertificate**" | ||
5. Click **Add**. | ||
## Updating the column size of the database for X509 certificates | ||
|
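Review bot: The line added after the image says the mapped attribute's name must be "userCertificate", while the context lines just above it still tell the reader to "select a mapped attribute for the claim that is supported by the underlying database type", so the step now gives two conflicting instructions. Reword the step so it says one thing: if `userCertificate` is required, replace the "select a mapped attribute" wording, or state for which user store types the requirement applies. For style, use the `!!! note` admonition already used elsewhere in this file instead of a bold lowercase "important", put the attribute name in code formatting, and end the sentence with a period.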