7.0

ManualsBrandsVMware ManualsApplicationsHorizon View

Table Of Contents

Deploying and Configuring Access Point

Table 5‑1. Smart Card Certificate Properties That You Can Configure (Continued)

Property Name Description Valid Values

sendOCSPNonce Specifies whether to include a nonce in the OCSP

request and require that the nonce be included in

the response. A nonce is an arbitrary number used

only once in a cryptographic communication.

true or false

enabled (Required) Specifies whether to use smart card

certificate authentication. You must change this

setting to true.

The default is false.

true or false

enableCertCRL Specifies whether to use the CRL Distribution

Points extension of the certificate.

true or false

enableOCSPCRLFailover Specifies whether to use a certificate revocation list

if OCSP fails.

The default is true.

true or false

enableConsentForm Specifies whether to present users with a consent

form window before they log in using certificate

authentication.

true or false

ocspURL Specifies the URL of the OCSP responder to use for

the revocation check (for example,

http://ocspurl.com).

A URL that begins with http or https.

enableCertRevocation Specifies whether to use certificate revocation

checking.

true or false

certificatePolicies Specifies the object Identifier (OID) list that is

accepted in the Certificate Policies extension.

An OID

consentForm Specifies the content of the consent form to be

displayed to users.

Text.

crlLocation Specifies the location of the certificate revocation

list to use for the revocation check.

URL or file path (for example,

http://crlurl.crl or

file:///crlFile.crl).

NOTE Do not use ldap: URLs.

enableEmail Specifies whether to use the RFC822 field in

Subject Alternative Name if no UPN (user

principal name) is found in the certificate.

true or false

Deploying and Configuring Access Point

60 VMware, Inc.