A comma-separated list of SSL identities that have authorization for the functions included in this role. You can include Wildcard values in the SSL identities.

The SSL identity matches the subjectAltName DNS name in the certificate. If the subjectAltName does not exist, it falls back on the subject Common Name.

To use SSL identities for permissions, you must configure SSL in your IDOL components, and your SSL setup must request certificates from connecting peers, by using SSLCACertificate and SSLCheckCertificate in your [SSLOptionN] configuration section.

You define the permissions that a particular role has by using StandardRoles, or by specifying the Actions and ServiceActions that you want the role to be able to use. You define the users that belong to a particular role by using Clients, GSSPrincipals, and SSLIdentities. If a connection matches one of the allowed clients, principals, or SSL identities, they have permission to perform the operations allowed by the role.

Type: String
Required: No
Configuration Section: MyAuthorizationRole
See Also: Clients