Distinguished name matching
At several places in the Nexus OCSP Responder configuration, one or more certificates can be pointed out by issuer or subject Distinguished Names (DNs). In essence, it is a "scaled-down" matching that behaves the same as subject or DN behaves in the certificate pattern.