Check to indicate that in addition to client certificate certification, the server will verify the certificate has been registered with your SAF compliant security product, such as RACF, and has an associated user ID. Additionally, if the SERVAUTH RACF class is active and a RACF resource has been defined for the port, the connection is allowed only if the user ID associated with the client certificate has READ access to the RACF resource.