A customer wants to implement X.509 certificate authentication on their users. They want to
extract the username from each certificate for accounting and single sign-on purposes. The
correct username syntax lies within the common name portion of the certificate’s subject field.
Which username template should you use on the certificate authentication server’s configuration?
A.
<certDN.CN>
B.
<certDN.SN>
C.
<certAttr.altName.CN>
D.
<certAttr.altName.SN>
Explanation:
http://www.juniper.net/techpubs/en_US/sa/topics/topic-map/security-access-systemvariables-custom-expressions.html