Certificate- and Non Certificate-Based Entries

Owned by Stonebranch (Deactivated)
Last updated: Feb 01, 2024
1 min read

Certificate-Based and Non Certificate-Based UACL Entries

Universal Agent components that support X.509 certificates define their UACL entries in two varieties:

  1. Certificate-based entries
  2. Non certificate-based entries

The two entry types are distinguished by their name. For example, ucmd_cert_access is the certificate-based form of the entry and ucmd_access is a non certificate-based entry. All entries follow the same format.

Either the certificate-based UACL entries or the non certificate-based UACL entries are searched, but not both.

Certificate-Based Entries Search

Certificate-based UACL entries are searched under the following conditions:

  • Client provides an X.509 certificate that matches a certificate map entry.

Non Certificate-Based Entries Search

Non certificate-based UACL entries are searched under the following conditions:

  • Client provides an X.509 certificate and no certificate map entry matches.
  • Client does not provide an X.509 certificate.