(v12.0.8874.35714 started 2024-04-18 18:00:37 on VM2)
Notes on certificate issuer: If Extended Key Usage "Smart Card Logon" is defined within the certificate presented by the user, the string "#SmartCardLogon" will be added to the name of the issuer of the certificate. This can be used in keywords ISS and ISSLG to allow only certificate with Extended Key Usage "Smart Card Logon" set. e.g. ISS:"Partner-CA#SmartCardLogon" If any issuer with Extended Key Usage "Smart Card Logon" set is allowed, then specify ISS:"#SmartCardLogon" Caution: Not all issuers set the value "Smart Card Logon" correctly.
For One Time Password Request (OTPR): The string "OTP-email" or "OTP-SMS" is stored as "certificate issuer". For Time-based One Time Password: The string "OTP-Authenticator" is stored as "certificate issuer". For authentication via se.SAM: The string "se.SAM" is stored as "certificate issuer".
