CertIssuer
Defines one or more certificate issuers that Nomad will use to select the appropriate PKI certificate for the:
Configuration Manager (CM) client authentication certificate - used when downloading over HTTPS from Distribution Points and when communicating with Management Points during pre-caching
Nomad Server Authentication certificate - used to share content between peers over HTTPS
Client Authentication certificate - used for certificate-based client authentication when sharing content between peers over HTTPS.
In most cases Nomad will be able to identify a suitable certificate in the Local Computer Personal certificate store without needing to specify CertIssuer (refer to Peer copy over HTTP or HTTPS: Certificate Selection for more details). You should use CertIssuer if the CM client is not using PKI certificates and there are multiple Client Authentication certificates issued by different Certificate Authorities in the store, and if there is a chance some of those certificates may not be trusted by other peers or CM site systems.
Registry value | Default value | Notes | Installer property |
|---|---|---|---|
CertIssuer | " " | Set this value to the name of the certificate issuer (Certificate Authority (CA)) that Nomad should use to select the appropriate PKI certificate. A case-insensitive substring-within-a-string match is performed. If you have multiple CAs you can specify a:
If you are only using HTTPS for downloading from an HTTPS DP (That is, not using HTTPS for peer-to-peer data transfer) you can leave this blank and set CertSubject instead. |