config : system certificate urlcert
 
system certificate urlcert
Use this command to configure the URL-based client certificate feature for a server policy or server pool. This feature allows you to require a certificate for some requests and not for others. Whether a client is required to present a personal certificate or not is based on the requested URL and the rules you specify in the URL-based client certificate group.
A URL-based client certificate group specifies the URLs to match and whether the matched request is required to present a certificate or exempt from presenting a certificate.
When the URL-based client certificate feature is enabled, clients are not required to present a certificate if the request URL is specified as exempt in the URL-based client certificate group rule or URL of the request does not match a rule.
Syntax
config system certificate urlcert
edit <url-cert-group_name>
config list
edit <entry_index>
set url <url_str>
set require {enable | disable}
end
next
end
Variable
Description
Default
<url-cert-group_name>
Enter the name for the URL-based client certificate group.
No default.
<entry_index>
Type the index number of an URL-based client certificate group entry.
No default.
url <url_str>
Enter a URL to match.
When the URL of a client request matches this value and the value of require is enable, FortiWeb requires the client to present a private certificate.
No default.
require {enable | disable}
Specifies whether client requests with the URL specified by url are required to present a personal certificate.
When you select disable, FortiWeb does not require client requests with the specified URL to present a personal certificate.
No default.
Related topics
config server-policy policy
config server-policy server-pool