Defines one or more certificate subject names that Nomad uses to select the appropriate PKI certificate for authentication with Configuration Manager (CM) site systems configured to use HTTPS. It does not affect certificate selection for client authentication certificates used for peer-to-peer authentication or for selection of server authentication certificates.

In most cases Nomad will be able to identify a suitable certificate in the Local Computer Personal certificate store without the need to specify CertSubject (refer to Peer copy over HTTP or HTTPS: Certificate Selection for more details).

Registry valueDefault valueNotesInstaller property
CertSubject" "

For downloads over HTTPS from the Distribution Point, set either the CertIssuer or CertSubject registry values. Set this value to the subject name of the certificate that Nomad should use to select the appropriate PKI certificate. The match has the following properties:

  • case-insensitive
  • a substring search is done, so if the text is set to ACME it will return certificates where ACME appears anywhere in the certificate's subject.

If you have multiple valid subject names you can specify a:

  • Common sub-string, for example "" would work for certificates that have anywhere in the subject name
  • Comma-separated list of subject names or sub-strings, for example, you can specify multiple subject domain suffixes, for example ",".

For the installer property, configure either MODULE.NOMAD.CERTISSUER or MODULE.NOMAD.CERTSUBJECT installer properties for HTTPS downloads.