Create a security profile, and configure it to use an X.509 authentication provider.
|Name||A unique name for the security profile.|
|Check Impersonation||(Optional) In token-based authentication, whether to allow authentication to succeed when the user name presented cannot be matched against any of the user names validated in the login modules. By default the property is enabled, which prevents user authentication from succeeding in this scenario.|
Authentication Provider – X.509 User Certificate.
Control Flag – optional.
Validated Certificate as Identity – enable.
Certificate Attribute As Principal – enter CN.