config : system certificate urlcert
system certificate urlcert
Use this command to configure the URL-based client certificate feature for a server policy or server pool. This feature allows you to require a certificate for some requests and not for others. Whether a client is required to present a personal certificate or not is based on the requested URL and the rules you specify in the URL-based client certificate group.
A URL-based client certificate group specifies the URLs to match and whether the matched request is required to present a certificate or exempt from presenting a certificate.
When the URL-based client certificate feature is enabled, clients are not required to present a certificate if the request URL is specified as exempt in the URL-based client certificate group rule or URL of the request does not match a rule.
Syntax
config system certificate urlcert
config list
end
next
end
Variable | Description | Default |
<url-cert-group_name> | Enter the name for the URL-based client certificate group. | No default. |
<entry_index> | Type the index number of an URL-based client certificate group entry. | No default. |
url <url_str> | Enter a URL to match. When the URL of a client request matches this value and the value of require is enable, FortiWeb requires the client to present a private certificate. | No default. |
require {enable | disable} | Specifies whether client requests with the URL specified by url are required to present a personal certificate. When you select disable, FortiWeb does not require client requests with the specified URL to present a personal certificate. | No default. |
Related topics