How To: Map X.509 Attributes

This is done via Mapping Task where you map an X.509 attribute such as subject, issuer and serial number:


Go to Gateway--->Task Policies and click on Task Lists

Click New and Name your Task, such as "Map Serial Number Task" and then click Apply

Click New and select Map Attributes and Headers then Next

Click New and fill in the following:


Source Type:      X.509 Attribute

Source Name*: serialnumber

Target Type:       Protocol Header

Target Name*:  TargetNameSN


Click Next and then Save


Add a new Task List Groups "Map Serial Number Task List Group" and click Create

Click Add to add your new task list "Map Serial Number Task", Apply and Save


The Task List Group should look like this:



Associate the Task List Group to a policy and test.  The system log should now show you something like:


Mapping X.509 Attribute 'serialnumber' to Protocol Header

'TargetNameSN' value '8C7A694D D98B9EFC'



Further, the task in this example takes the following OIDs or extension names.

OID (Object Identifier) Extension Name SubjectKeyIdentifier KeyUsage PrivateKeyUsage SubjectAlternativeName IssuerAlternativeName BasicConstraints NameConstraints PolicyMappings AuthorityKeyIdentifier PolicyConstraints

For example, one might want to be able to use the SubjectKeyIdentifer.  In this case you would use “” for the Source Name:


Source Type:      X.509 Attribute

Source Name*:

Target Type:       Protocol Header

Target Name*:  SomeName





Have more questions? Submit a request


Article is closed for comments.