There isn't a notion of "alias" for a trusted certificate in the Gateway. There is for a private key, but not for a certificate.
A key alias is an internal concept - i.e. a name given to a key that only makes sense for the local system and it does not necessarily transfer to another system. When a client certificate is presented we only have the contents of the certificate to work with, which does not include anything like an "alias", so the certificate attributes won't get you an alias. They can provide the CN for the certificate's subject, plus serial number, issuer, thumbprint, etc - which is probably what you are really looking for, but I don't have any insight into your use case.
The closest thing the Gateway has to an alias for a certificate is the Name of the certificate, which is an arbitrary and *local* concept that can be different from the subject CN. That is only available via restman and not as part of the certificate's attributes, and will only be available *if* that certificate has been loaded in the trust store, which client certificates typically are not. A client certificate is either validated as an explicit certificate in an identity provider (LDAP or IIP) or by a federation to a certificate in the trust store via a Federate Identity Provider (FIP).
------------------------------
Jay MacDonald - Adoption Architect - Broadcom API Management (Layer 7)
------------------------------
Original Message:
Sent: 02-20-2020 08:45 AM
From: Pavansai C
Subject: How to find alias name for certificates in CA API Gateway?
Hi There,
We are using client Certificate Authentication in CA API Gateway.
Can someone help on how to find the alias name for certificates??