Client Certificate Internal - not recommended in a production environment
Select the certificate attribute the system shall extract the login information from.
User Principal Name (UPN): Extracts the information from the SANAttribute "otherName"
SAN Email (RFC822Name): Extracts the information from the SANAttribute "rfc822Name"
Subject CN: Extracts the information from the CN field
Subject Email: Extracts the information from the EMAILADDRESS field
Set up validation chain for user certificates
When a user logs in to PRIME with a certificate, the PRIME server does a validation of the corresponding certificate revocation lists (CRLs). To check the certificate chain of the CRL Signing CA, there is a separate truststore configured on the PRIME server.
To configure the path to the truststore
On the PRIME server, open the file system.properties.