This is done via Mapping Task where you map an X.509 attribute such as subject, issuer and serial number:
Go to Gateway--->Task Policies and click on Task Lists
Click New and Name your Task, such as "Map Serial Number Task" and then click Apply
Click New and select Map Attributes and Headers then Next
Click New and fill in the following:
Source Type: X.509 Attribute
Source Name*: serialnumber
Target Type: Protocol Header
Target Name*: TargetNameSN
Click Next and then Save
Add a new Task List Groups "Map Serial Number Task List Group" and click Create
Click Add to add your new task list "Map Serial Number Task", Apply and Save
The Task List Group should look like this:
Associate the Task List Group to a policy and test. The system log should now show you something like:
Mapping X.509 Attribute 'serialnumber' to Protocol Header
'TargetNameSN' value '8C7A694D D98B9EFC'
Further, the task in this example takes the following OIDs or extension names.
OID (Object Identifier) Extension Name
2.5.29.14 SubjectKeyIdentifier
2.5.29.15 KeyUsage
2.5.29.16 PrivateKeyUsage
2.5.29.17 SubjectAlternativeName
2.5.29.18 IssuerAlternativeName
2.5.29.19 BasicConstraints
2.5.29.30 NameConstraints
2.5.29.33 PolicyMappings
2.5.29.35 AuthorityKeyIdentifier
2.5.29.36 PolicyConstraints
For example, one might want to be able to use the SubjectKeyIdentifer. In this case you would use “2.5.29.14” for the Source Name:
Source Type: X.509 Attribute
Source Name*: 2.5.29.14
Target Type: Protocol Header
Target Name*: SomeName
0 Comments