If no dNSName values are present, this constraint is matched against SubjectName CN using same suffix match comparison. If a matching dNSName is found, this constraint is met. If set, this FQDN is used as a suffix match requirement for dNSName element(s) of the certificate presented by the authentication server.
#What metric should i use in my mac network settings full#
When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string "file://" and ending with a terminating NUL byte.Ĭonstraint for server domain name.
When using the blob scheme (which is backwards compatible with NM 0.7.x) this property should be set to the certificate's DER encoded data. Certificate data is specified using a "scheme" two are currently supported: blob and path. UTF-8 encoded path to a directory containing PEM or DER formatted certificates to be added to the verification chain in addition to the certificate specified in the "ca-cert" property.Ĭontains the client certificate if used by the EAP method specified in the "eap" property.
This property can be unset even if the EAP method supports CA certificates, but this allows man-in-the-middle attacks and is NOT recommended. When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string "file://" and ending with a terminating NUL byte.
Used as the unencrypted identity with EAP types that support different tunneled identity like EAP-TTLS.Ĭontains the CA certificate if used by the EAP method specified in the "eap" property. If the list is empty, no verification of the server certificate's altSubjectName is performed.Īnonymous identity string for EAP authentication methods. List of strings to be matched against the altSubjectName of the certificate presented by the authentication server.
0 kommentar(er)
