User guide
Chapter 1: Overview
1-20
Certificate Information
For certificate authentication by Interstage Single Sign-on, the owner name (Subject), owner alias
(Subject Alternative Name) and extension information contained in the presented certificate is
referenced. Therefore, one of the following items of information must be stored in the certificate.
Certificate information referenced by Interstage Single Sign-on
• Mail address (mail)
• Employee number (employeeNumber)
• User ID (uid)
• Serial number (serialNumber)
• DN qualifier (dnQualifier)
• Name (cn)
If same attribute is specified for the owner name (Subject), owner alias (Subject Alternative Name) and
extension information contained in the presented certificate, the following is referenced.
• For Mail address, the value that is set in the owner alias (Subject Alternative Name) and extension
information is valid.
• For except mail address, the value that set in the owner name (Subject) is valid.
To set the certificate information, such as owner name and owner alias, on the Interstage Management
Console, select, [System] > [Security] > [Single Sign-on] > [Authentication infrastructure] >
[Authentication server] > [Settings] > [Detailed Settings [Show]]. Then, make settings for [Attributes
used for Authentication] under [Certificate Authentication Settings].
The following examples show the certificate selection windows that are displayed for certificate
authentication in Web browsers. If multiple certificates have been registered in a Web browser, select
the certificate on this window to be presented to the Web server.
If only one certificate has been registered in a Web browser, the certificate can be used automatically
without the certificate selection window displayed. For further details about how to display the certificate
selection window, refer to "Certificate selection windows".
For details about how to register certificates in a Web browser, refer to the Security System Guide.
Example
Certificate selection window of Microsoft(R) Internet Explorer 6.0