Feature Description
Peer authorization is based on matching the CN field in the peer's certificate against a list of configured allowed entries.
Assumptions and Limitations
- The CN must match one of the configured values in full.
- All peers are provided with the same certificate or with one of a set of known certificates. Hence the CN will be the same (or one of a set of CNs), and the number of distinct CNs will be limited. One such configuration can match all peers using said certificate.
- This feature is not applicable to non-certificate authentication methods.
- Only 64 entries can be configured under one cert-policy, and one cert-policy can be attached to one crypto template used for the SecGW service.
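The following sketch is an added example, not the product's code or configuration syntax. It models the full-match rule and the 64-entry limit listed above, and shows why the CN has to be extracted from the subject and compared whole instead of searched for as a substring. The function names, the sample subjects, the RFC 4514 string form of the subject, and the handling of multiple CNs and of letter case are assumptions of the example.

```python
import re

MAX_ENTRIES = 64  # per cert-policy limit stated above

def _split(s, sep):
    # Split on sep, skipping separators escaped with a backslash.
    return re.findall(r"(?:\\.|[^\\%s])+" % re.escape(sep), s)

def _unescape(value):
    # RFC 4514 escapes: "\," pairs and "\2C" hex pairs (ASCII only in this sketch).
    def repl(m):
        g = m.group(1)
        return chr(int(g, 16)) if len(g) == 2 else g
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)", repl, value)

def subject_cns(subject_dn):
    """Return every CN value found in an RFC 4514 style subject string."""
    cns = []
    for rdn in _split(subject_dn, ","):
        for ava in _split(rdn, "+"):  # multi-valued RDN
            attr, eq, value = ava.partition("=")
            if eq and attr.strip().upper() == "CN":
                cns.append(_unescape(value.strip()))
    return cns

def make_policy(allowed_cns):
    entries = frozenset(allowed_cns)
    if len(entries) > MAX_ENTRIES:
        raise ValueError("at most %d entries per cert-policy" % MAX_ENTRIES)
    return entries

def authorize_peer(policy, auth_method, subject_dn):
    if auth_method != "certificate":
        return "not-applicable"  # the feature covers certificate auth only
    cns = subject_cns(subject_dn)
    # Assumption: exactly one CN, compared in full and case-sensitively.
    return "allow" if len(cns) == 1 and cns[0] in policy else "deny"

# Constructed sample data (hypothetical names).
POLICY = make_policy(["secgw-peer.example.net"])
SAMPLES = [
    "CN=secgw-peer.example.net,O=Example,C=US",           # full match
    "CN=secgw-peer.example.net.other.example,O=Example",  # longer name
    "OU=CN=secgw-peer.example.net,CN=unlisted-device",    # allowed text in OU only
    "CN=secgw-peer.example.net\\,x,O=Example",            # escaped comma in CN
]
if __name__ == "__main__":
    for dn in SAMPLES:
        print(authorize_peer(POLICY, "certificate", dn), dn)
```

Only the first sample subject is allowed; the other three contain the configured value as a substring but do not match it in full.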