Displays a dialog box that allows an entry to be added to the Access Control List. The fields in this dialog are populated with default values.
![](https://stonebranchdocs.atlassian.net/wiki/download/attachments/3771372/Universal%20Broker%20-%20Add%20Certificate%20Map%20ACL%20Entry%20-%206.7.0.0.png?version=1&modificationDate=1651516329000&cacheVersion=1&api=v2)
Certificate ID
The value entered here is used as a key to establish a mapping between this entry and a Universal ACL entry that may reference it.
Subject
The value entered here is used to match the subject field of an installed X.509 certificate. The subject contains properties of the entity identified by the certificate. It is formatted as an X.501 Distinguished Name (DN), which is a hierarchical list of attributes referred to as Relative Distinguished Names (RDNs).
Some of the more common RDN values that may be used in a DN include:
Html bobswift |
<ul>
<li> C <br>
Country Name
<li> CN <br>
Common Name
<li> L <br>
Locality
<li> O <br>
Organization
<li> OU <br>
Organizational Unit
<li> ST <br>
State
</ul>- C
Country Name - CN
Common Name - L
Locality - O
Organization - OU
Organizational Unit - ST
State
The following are examples of Distinguished Names:
Html bobswift |
<ul>
<li> - /C=US/ST=Georgia/L=Atlanta/O=Stonebranch,
<li> - /C=US/ST=Georgia/L=Atlanta/O=Stonebranch,
<li> - /C=US/ST=Georgia/L=Atlanta/O=Stonebranch,
- Inc./OU=Operations/CN=UEC
/
<ul>E-Mail Address
The value entered here is used to match an installed X.509 certificate by comparing the dNSName of the subjectAltName extension value or the commonName (CN) Relative Distinguished Name attribute of a Distinguished Name's subject field. The host name entered here may contain wildcards. For example, *.acme.com.
Host Name
The value entered here is used to match an installed X.509 certificate by comparing the dNSName of the subjectAltName extension value or the commonName (CN) Relative Distinguished Name attribute of a Distinguished Name's subject field. The host name entered here may contain wildcards. For example, *.acme.com.
IP Address
The value entered here is used to match an installed X.509 certificate by comparing the iPAddress of the subjectAltName extension value. The IP Address entered must be in dotted decimal format (i.e., xx.xx.xx.xx).
Serial Number
The value entered here is used to match the Serial Number of an installed X.509 certificate. Please note that serial numbers are not unique across all certificates, only for those certificates provided by specific Certificate Authorities (CA's).