From: | Dhirendra Singh <dhirendraks(at)gmail(dot)com> |
---|---|
To: | pgsql-admin(at)lists(dot)postgresql(dot)org |
Subject: | Question about cert authentication method. |
Date: | 2022-11-25 10:06:00 |
Message-ID: | CAEyh4sZ3pSdpFFCR1x8gLDsrB3SbPHG2WarB+uJR75ZUOiR3dg@mail.gmail.com |
Lists: | pgsql-admin |
Hi All,
I have a question about cert authentication method. I am using postgres
version 14.
Following is the entry I have in the pg_hba file.
hostssl all all 0.0.0.0/0 cert map=mymap
Following is the entry in the pg_ident file.
mymap test readonly
Trying to connect to the server using psql. CN in the certificate is "test (S114546)".
psql "host=localhost user='test (S114546)' dbname=appdb sslmode=verify-full sslcert=certificate.crt sslkey=certificate.key sslrootcert=cacerts"
No mapping exists for "test (S114547)" in the pg_ident file.
The connection failed with the following error.
psql: error: connection to server at "localhost", port 5432 failed: FATAL: certificate authentication failed for user "test (S114546)"
Error in the server log is...
2022-11-25 09:26:52.169 UTC [62] LOG: no match in usermap "mymap" for user "test (S114546)" authenticated as "test (S114546)"
2022-11-25 09:26:52.169 UTC [62] FATAL: certificate authentication failed for user "test (S114546)"
2022-11-25 09:26:52.169 UTC [62] DETAIL: Connection matched pg_hba.conf line 4: "hostssl all all 0.0.0.0/0 cert map=mymap"
I am expecting the connection to fail because user "test (S114546)" does not
exist, but I am confused about the error message in the server log.
It says certificate authentication failed for user "test (S114546)", but
the CN in the certificate matches the user name in the psql connection request.
So certificate authentication should pass. It should fail afterwards.
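
A simplified model of the user-map lookup behind the "no match in usermap" log line above, added here as an example; it is not part of the original message and not PostgreSQL's own code. With `cert map=mymap`, the certificate CN is looked up in the map as the system user name, and a miss is what the server then reports as a failed certificate authentication. The regex entry is constructed for illustration, and Python's `re` stands in for PostgreSQL's regex engine (both are assumptions).

```python
import re

# The pg_ident entry from the message, and a constructed regex entry
# (assumption, not from the message) that strips the " (S...)" suffix.
PAGE_IDENT = "mymap test readonly\n"
CONSTRUCTED_IDENT = r"mymap /^(.*)\s\(S[0-9]+\)$ \1"

def parse_ident(text):
    """Parse pg_ident.conf text into (map, system_user, db_user) tuples."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # Whitespace-separated fields; double quotes protect embedded spaces.
        fields = [q or bare for q, bare in re.findall(r'"([^"]*)"|(\S+)', line)]
        if len(fields) >= 3:
            entries.append(tuple(fields[:3]))
    return entries

def check_usermap(entries, mapname, db_user, system_user):
    """True if the map lets system_user (the cert CN) connect as db_user."""
    for name, sysname, dbname in entries:
        if name != mapname:
            continue
        if sysname.startswith("/"):
            # Leading "/" marks a regular expression on the system user name.
            m = re.search(sysname[1:], system_user)
            if not m:
                continue
            if r"\1" in dbname and m.groups():
                # \1 in the database user field takes the captured text.
                dbname = dbname.replace(r"\1", m.group(1) or "", 1)
        elif sysname != system_user:
            continue
        if dbname == db_user:
            return True
    return False

if __name__ == "__main__":
    cn = user = "test (S114546)"  # CN and requested user from the message
    ok = check_usermap(parse_ident(PAGE_IDENT), "mymap", user, cn)
    print("map lookup:", "match" if ok else "no match -> authentication fails")
```
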