
FPCSSLClientCertificateRestriction

Internet Security and Acceleration Server 2004/2006 SDK

The FPCSSLClientCertificateRestriction object defines a requirement for restricting the Secure Sockets Layer (SSL) client certificates that a Web listener will accept for authentication. (This object is introduced in ISA Server 2006.)

A client certificate restriction may apply to one of the following fields:

  • Issuer.
  • Subject.
  • Enhanced Key Usage.
  • Extensions.

A restriction may include an object identifier (OID) and a value that must be present in the specified field. For example, a certificate restriction can limit the client certificates that a Web listener will accept to those whose Enhanced Key Usage field contains the Smart Card Logon object identifier 1.3.6.1.4.1.311.20.2.2.

Client certificate restrictions are applicable only for SSL certificate authentication and forms-based authentication of clients requesting an HTTPS connection. They are enabled only if the SSLClientCertificateRestrictionsEnabled property of the FPCWebListenerProperties object for the Web listener is set to True.

The FPCSSLClientCertificateRestriction object is an element of an FPCSSLClientCertificateRestrictions collection, and a new object representing an SSL client certificate restriction can be created by calling the Add method of this collection. When the FPCSSLClientCertificateRestrictions collection for a Web listener contains more than one client certificate restriction, a client certificate that matches at least one of the restrictions will be accepted.
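The matching rule described above, modelled in Python as an added example (this is not ISA Server code and does not use the SDK's API). It assumes a certificate can be represented as a dictionary of field names to (OID, value) pairs, and its "exact" and "contains" match types are stand-ins for the FpcValueMatchType members, which this page does not list. It shows that because a certificate needs to match only one restriction, adding a broad restriction widens the set of certificates a listener accepts.

```python
from dataclasses import dataclass

SMART_CARD_LOGON = "1.3.6.1.4.1.311.20.2.2"  # EKU OID quoted in the text above

@dataclass(frozen=True)
class Restriction:
    name: str
    field: str                  # Issuer, Subject, Enhanced Key Usage or Extensions
    oid: str = ""               # empty: any OID in the field
    value: str = ""             # empty: any value
    value_match: str = "exact"  # "exact"/"contains": assumed stand-ins, not SDK enum members

def value_ok(r, value):
    """Apply the restriction's value test to one value from the certificate field."""
    if not r.value:
        return True
    return r.value in value if r.value_match == "contains" else r.value == value

def restriction_matches(r, cert):
    """True if some (oid, value) entry in the restricted field satisfies r."""
    return any((not r.oid or oid == r.oid) and value_ok(r, value)
               for oid, value in cert.get(r.field, []))

def matching_restrictions(cert, restrictions, enabled):
    """Names of the restrictions the certificate satisfies; None if not enforced."""
    if not enabled:  # models SSLClientCertificateRestrictionsEnabled = False
        return None
    return [r.name for r in restrictions if restriction_matches(r, cert)]

def accepted(cert, restrictions):
    """Rule from the page: matching at least one restriction is enough."""
    return bool(matching_restrictions(cert, restrictions, True))

# Constructed sample data (names and certificates are illustrative only).
STRICT = Restriction("Smart card only", "Enhanced Key Usage", oid=SMART_CARD_LOGON)
LOOSE = Restriction("Any Contoso issuer", "Issuer", oid="2.5.4.3",
                    value="Contoso", value_match="contains")
SMART_CARD_CERT = {"Issuer": [("2.5.4.3", "Fabrikam Root")],
                   "Enhanced Key Usage": [(SMART_CARD_LOGON, "")]}
SOFT_CERT = {"Issuer": [("2.5.4.3", "Contoso Issuing CA 2")],   # no smart card EKU
             "Enhanced Key Usage": [("1.3.6.1.5.5.7.3.2", "")]}

if __name__ == "__main__":
    for label, cert in (("smart card", SMART_CARD_CERT), ("soft cert", SOFT_CERT)):
        print(label, accepted(cert, [STRICT]), accepted(cert, [STRICT, LOOSE]))
```

When reviewing a listener's restriction collection, treat each entry as an independent way in: the collection is only as strict as its loosest restriction.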

Click here to see the ISA Server object hierarchy.

Inheritance

This object inherits from the FPCPersist object, which contains methods and properties related to the persistent storage of an object's data. They include methods for exporting an object's data to and importing it from XML documents.

Methods

The FPCSSLClientCertificateRestriction object does not define any methods.

Properties

The FPCSSLClientCertificateRestriction object has the following properties.

Property                     Description
CertificateRestrictionField  Gets or sets a value from the FpcCertificateRestrictionField enumerated type that specifies the certificate field to which the restriction applies.
Description                  Gets or sets the description of the client certificate restriction.
Name                         Gets or sets the name of the client certificate restriction.
OID                          Gets or sets the object identifier (OID) to be used for determining a match with the field.
OIDMatchType                 Gets or sets a value from the FpcOIDMatchType enumerated type that specifies the type of match required for the object identifier (OID).
Value                        Gets or sets the string to be used for determining a match with the value in the field.
ValueMatchType               Gets or sets a value from the FpcValueMatchType enumerated type that specifies the type of match required for the value in the field.

Methods Inherited from FPCPersist

Name                   Description
CancelWaitForChanges   Cancels the registration established by the WaitForChanges method (for use in C and C++ programming only).
CanImport              Returns a Boolean value that indicates whether the object's properties can be imported from the specified XML document.
Export                 Writes the stored values of all of the object's properties to the specified XML document.
ExportToFile           Writes the stored values of all of the object's properties to the specified XML file.
GetServiceRestartMask  Retrieves a 32-bit bitmask of the FpcServices enumerated type that specifies which services need to be restarted for currently unsaved changes to take effect.
Import                 Copies the values of all of the object's properties from the specified XML document to persistent storage.
ImportFromFile         Copies the values of all of the object's properties from the specified XML file to persistent storage.
LoadDocProperties      Provides the XML document's properties so that you can know what information can be imported from the document.
Refresh                Reads the values of all of the object's properties from persistent storage, overwriting any changes that have not been saved.
Save                   Writes the current values of all of the object's properties to persistent storage.
WaitForChanges         Registers to wait for an event indicating that the contents of the object have changed (for use in C and C++ programming only).

Properties Inherited from FPCPersist

Name                  Description
PersistentName        Gets the persistent name of the object. The persistent name of an object is a name that is unique for the object at the respective level of the COM object hierarchy.
VendorParametersSets  Gets an FPCVendorParametersSets object that can hold sets of custom data for extending the object.

Interfaces for C++ Programming

This object implements the IFPCSSLClientCertificateRestriction interface.

Requirements

Client   Requires Windows XP.
Server   Requires Windows Server 2003.
Version  Requires Internet Security and Acceleration Server 2006.
IDL      Declared in Msfpccom.idl.

See Also

COM Objects

© 2014 Microsoft. All rights reserved.