EldoS | Feel safer!

Software components for data protection, secure storage and transfer

What is expected when exact match option is used.

Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.
Posted: 06/15/2016 09:58:30
by Niklas Kjellander (Standard support level)
Joined: 09/30/2008
Posts: 52

I'm trying to understand how the certificate lookup option exact match (loExactMatch) works.

What is expected when this option is set?

Posted: 06/16/2016 04:44:19
by Ken Ivanov (EldoS Corp.)

Hi Niklas,

Thank you for contacting us.

loExactMatch enables strict comparison of the RDN templates (SubjectRDN and IssuerRDN). If loExactMatch option is switched off, the TElCertificateLookup's RDN properties both specify a subset of the corresponding certificate fields. If it is switched on, the lookup's RDN properties are expected to specify the exact contents of the corresponding certificate fields.

For example, the filter of SubjectRDN=[C=GB, O=EldoS] will return all certificates whose subject RDN contains the above entries (including [C=GB, O=EldoS], [C=GB, O=EldoS, CN=www.eldos.com] and [C=GB, O=EldoS, OU=HQ, CN=Application Signing]) if loExactMatch is set to false, but will only return [C=GB, O=EldoS] of loExactMatch is set to true.

Posted: 06/17/2016 01:38:09
by Niklas Kjellander (Standard support level)
Joined: 09/30/2008
Posts: 52

Thank's for a good explanation. Too bad that information was not included in the documentation, that would have saved me a lot of time trying to figure out on my own.

Posted: 06/17/2016 04:02:53
by Ken Ivanov (EldoS Corp.)


Thank you for pointing us at the documentation issue. I've opened the case with the tech writers, they will deal with it as quickly as possible.





Topic viewed 926 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!