apm policy agent endpoint-check-machine-cert
apm policy agent endpoint-check-machine-cert(1) BIG-IP TMSH Manual apm policy agent endpoint-check-machine-cert(1)
NAME
endpoint-check-machine-cert - Manages an End-point Check Machine certificate agent.
MODULE
apm policy agent
SYNTAX
Configure the endpoint-check-machine-cert component within the apm policy agent module using the following
syntax.
CREATE/MODIFY
create endpoint-check-machine-cert [name]
modify endpoint-check-machine-cert [name]
options:
allow-elevation [ true| false]
app-service [[string] | none]
ca-profile-name [value]
issuer [value]
save-cert [ true| false]
serial-number [integer]
store-location [machine | user]
store-name [value]
subject-alt-name [value]
subject-match-fqdn [value]
edit endpoint-check-machine-cert [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list endpoint-check-machine-cert
list endpoint-check-machine-cert [ [ [name] | [glob] | [regex] ] ... ]
show running-config endpoint-check-machine-cert
show running-config endpoint-check-machine-cert [ [ [name] | [glob] | [regex] ] ... ]
options:
all
all-properties
app-service
current-module
non-default-properties
one-line
partition
DELETE
delete endpoint-check-machine-cert [name]
DESCRIPTION
Endpoint security is a centrally-managed method of monitoring and maintaining client-system security.
The endpoint-check-machine-cert component checks for the presence of a valid machine certificate on
Windows/Mac client systems during access policy validation.
EXAMPLES
create endpoint-check-machine-cert MyMCagent
Creates the Endpoint Check Machine certificate agent named MyMCagent in the Common partition.
list endpoint-check-machine-cert
Displays a list of Endpoint Check Machine certificate agents.
delete endpoint-check-machine-cert MyMCagent
Deletes the MyMCagent Endpoint Check Machine certificate agent.
OPTIONS
allow-elevation
Specifies that User Account Control (UAC) prompts are allowed during private key checking.
app-service
Specifies the name of the application service to which the object belongs. The default value is none.
Note: If the strict-updates option is enabled on the application service that owns the object, you cannot
modify or delete the object. Only the application service can modify or delete the object.
ca-profile-name
Specifies the name of the certificate authority profile to validate the certificate.
issuer
Specifies the name used to match the issuer name in the machine certificate.
[name]
Specifies the name of an external logon page agent. This option is required.
partition
Displays the partition within which the component resides.
save-cert
Specifies to store the entire machine certificate in a session variable.
serial-number
Specifies the serial number used to match the serial number of the machine certificate.
store-location
Specifies the location of the certificate store on the client machine.
store-name
Specifies the name of the certificate store on the client machine.
subject-alt-name
Specifies the name used to match the subject-alt-name in the machine certificate.
subject-match-fqdn
Specifies if lookup must match fully qualified domain name (FQDN) in the machine certificate.
SEE ALSO
apm policy agent endpoint-check-software, apm policy agent endpoint-linux-check-file, apm policy agent
endpoint-linux-check-process, apm policy agent endpoint-mac-check-file, apm policy agent endpoint-mac-check-
process, apm policy agent endpoint-windows-check-file, apm policy agent endpoint-windows-browser-cache-
cleaner, apm policy agent endpoint-windows-check-process, apm policy agent endpoint-windows-check-registry,
apm policy agent endpoint-windows-info-os, apm policy agent endpoint-machine-info, apm policy agent endpoint-
windows-protected-workspace
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2013, 2015-2016. All rights reserved.
BIG-IP 2016-03-14 apm policy agent endpoint-check-machine-cert(1)