This page allows you to specify a server that will generate the key pair, a nickname for the certificate, and a creation method.
Server
Use the drop-down list to select the server that hosts the Organizational CA.
Nickname
Enter a nickname for the user certificate. The nickname should be unique and should help you to identify the certificate. You can enter up to 64 characters in the Certificate Nickname field.
Creation Method
Select either the Standard or Custom creation method.
Standard
This option creates a user certificate using the largest possible key size. In addition, this option signs the public key certificate using the Certificate Authority (CA) you specified earlier.
Note: You must have access to an eDirectory® CA before you can create a user certificate using the Standard option.
Selecting this option does not require you to specify the customizable attributes that are offered in the Custom option. Instead, you simply select a CA type to use, provide a nickname for the user certificate, and indicate the server that will generate the key pair.
Custom
This option creates a user certificate using the settings you specify. Unlike the Standard option, this option allows you to set a number of customized settings for the user certificate.
Note: You must choose this option if you want to:
- Specify a signature algorithm other than SHA-1 with RSA* encryption
- Sign the certificate using a CA other than your Organizational CA
- Specify a key size and how the key and certificate are to be used
- Specify a certificate validity period other than the default of two years
- Specify an e-mail address other than the one stored in eDirectory (if any) for the user. E-mail programs require the sender's e-mail address in any certificate that is to be used for securing e-mail.
Import
This option creates a user certificate using the keys and certificates from a PKCS12 (PFX) file. You can use this option in conjunction with the Export feature to back up and restore a user certificate or to move a user certificate object from one server to another.
A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.