Certificate- and Non Certificate-Based Entries
Certificate-Based and Non Certificate-Based UACL Entries
Universal Agent components that support X.509 certificates define their UACL entries in two varieties:
- Certificate-based entries
- Non certificate-based entries
The two entry types are distinguished by their name. For example, ucmd_cert_access is the certificate-based form of the entry and ucmd_access is a non certificate-based entry. All entries follow the same format.
Either the certificate-based UACL entries or the non certificate-based UACL entries are searched, but not both.
Certificate-Based Entries Search
Certificate-based UACL entries are searched under the following conditions:
- Client provides an X.509 certificate that matches a certificate map entry.
Non Certificate-Based Entries Search
Non certificate-based UACL entries are searched under the following conditions:
- Client provides an X.509 certificate and no certificate map entry matches.
- Client does not provide an X.509 certificate.