You can set the following certificate parameters.
Subject Name
By default, this field displays the fully typed
name of your eDirectoryTM tree.
UTF-8 Encoding
You can select to use UTF-8 encoding for names.
Signature Algorithm
Use the Browse button to select the signature
algorithm that the certificate authority should
use to sign the public key certificate. All
options are RSA* encryption algorithms. RSA encryption is a common public key
algorithm.
MD2-RSA
MD2 (Message Digest 2) is not recommended. You should use it for compatibility with older or external PKI systems only. The message digest length for MD2 is 128 bits (16 bytes).
MD2 has been shown to produce hash collisions. Collisions occur when two different messages hash to the same value. Using MD2 is therefore discouraged.
MD5-RSA
MD5 (Message Digest 5) is not recommended. You should use it for compatibility with older or external PKI systems only. The message digest length for MD5 is 128 bits (16 bytes).
MD5 has been shown to produce pseudo-collisions on the hashed values. Using MD5 is therefore discouraged.
SHA-1-RSA
SHA-1 (Secure Hash Algorithm version 1) is a message digest function proposed by the National Institute of Standards and Technology (NIST). The message digest length for SHA-1 is 160 bits (20 bytes). Novell currently recommends SHA-1 for all generated public key certificates; however, a possible vulnerability has been reported.
Validity Period
Use the drop-down list to specify a period over which the certificate will be
valid. The range is from 6 months to the maximum, the year 2036 (a time
limitation based on a 32-bit time value). If you select the Specific Dates
option, you can edit the Effective Date and the Expiration Date fields to
create a custom validity period. The maximum date selected must fall within the
validity period of the CA.
Effective Date
Lets you display or edit the time and date that the certificate
becomes valid.
Expiration Date
Lets you display or edit the time and date that the certificate
becomes invalid.
Custom Extensions
Enables Certificate Server to support any standard or custom
extensions that you want to include when creating a certificate. Extensions
must have been previously created and stored in a file (one extension per
file). Any extension must be ASN.1 encoded as defined in IETF RFC 2459/3280 section 4.2.
If you want to include one or more custom extensions in the certificate you are creating, click New and then browse for a file containing the custom extension and add it to the certificate. Multiple extensions can be added by repeating this process.
To delete a custom extensions file, select it and then click Delete.
A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.