Selection | View | Manage |
X.509 Certificate Management | Administrator | Administrator |
Generate a new certificate | Use this certificate generation tool to create a certificate for access to Server Administrator. If the new certificate is not active after restart, you can restore the previous certificate. Follow the steps detailed in the Restore Previous Certificate section. |
Certificate Maintenance | Selects an existing certificate that your company has title to, and uses this certificate to control access to Server Administrator. |
Import root certificate | Allows the user to import the root certificate, as well as the certificate response (in PKCS#7 format), received from the trusted certificate authority. Some of the reliable certificate authorities are Verisign, Thawte, and Entrust. |
Import certificate chain | Allows the user to import the certificate response (in PKCS#7 format) from the trusted certificate authority. Some of the reliable certificate authorities are Verisign, Thawte,and Entrust. |
Alias | An alias is a shortened, keystore-specific name for an entity that has a certificate in the keystore. A user can assign any alias name for the public and the private key in the keystore. |
Key Signing Algorithm |
Displays the supported signing algorithms. Select an algorithm from
the drop down list.
NOTE: If you
select either SHA 512 or SHA 256,ensure that your operating
system/browser supports this algorithm. If you select one of these
options without the requisite operating system/browser support, server
administrator will display a "cannot display the webpage"
error.
|
Key Generation Algorithm | Describes the algorithm to be used to generate the certificate. Commonly used algorithms are RSA and DSA. |
Key Size | Encryption strength for your private key. The default value is 1024. |
Validity Period | Length of time the certificate is to be valid, expressed in days. |
Common Name (CN) | Exact name of the host or domain to be secured, for example, xyzcompany.com. |
Organization (O) | Full company name as it appears in your company's certificate of incorporation, or as it is registered with your state government. |
Organization Unit (OU) | Division of this company applying for the certificate, for example, E-Commerce Department. |
Locality (L) | The city or place name where the organization is registered or incorporated. |
State (ST) | The state or province where the organization is registered or incorporated. Spell out the name. |
Country (C) | Two-letter country code, for example, US for United States and UK for United Kingdom. |
Certificates | This is the name of the X.509 certificate that is currently being used. |
Select appropriate action | Certificate Signing Request (CSR) : Use the information in the existing certificate to build a certificate request. |
Display Contents : Display the contents of the certificate. This option results in an extensive report that parses the components of the certificate. | |
Export Certificate in BASE 64-encoded format : Export an existing certificate for use by another application. |
Alias | An alias is a shortened, keystore-specific name for an entity that has a certificate in the keystore. A user can assign any alias name for the public and the private key in the keystore. |
Creation Date | Date the existing certificate was originally created. |
Provider | The default certificate provider is the Sun Microsystems security provider. Sun has one certificate factory that works with certificates of type X509. |
Certificate Chain | Complete certificate which has the root certificate as well as the response associated with it. |
Attribute | Certificate Value |
Type | X.509. |
Version | Version of X.509. |
IsValid | Whether Server Administrator considers the certificate to be valid (Yes or No). |
Subject | Name of the entity for whom the certificate has been issued. This entity is referred to as the subject of the certificate. |
Issuer | Name of the certificate authority who signed the certificate. |
Valid From | First date the certificate is good for first use. |
Valid To | Last date the certificate is good for use. |
Serial Number | Unique number that identifies this certificate. |
Public Key | Public Key of the certificate, that is, the key that belongs to the subject the certificate vouches for. |
Public Key Algorithm | RSA or DSA. |
Key Usage | Key usage extension, which defines the purpose of the key. You can use a key for digital signing, key agreement, certificate signing, and more. The key usage is an extension to the X.509 specification and need not be present in all X.509 certificates. |
Signature | Certificate authority's identifying digest that confers validity on a certificate. |
Signature Algorithm Name | Algorithm used to generate the signature. |
Signature Algorithm OID | Object ID of the signature algorithm. |
Signature Algorithm Parameters | Algorithm used to generate the signature that uses the TBS certificate as input. |
TBS Certificate | Body of the actual certificate. It contains all the naming and the key information held in the certificate. The TBS certificate is used as an input data to the signature algorithm when the certificate is signed or verified. |
Basic Constraints | An X.509 certificate may contain an optional extension that identifies whether the subject of the certificate is a certificate authority (CA). If the subject is a CA, this extension returns the number of certificates that may follow this certificate in a certification chain. |
Subject Unique ID | String that identifies the applicant for the certificate. |
Issuer Unique ID | String that identifies the issuer of the certificate. |
MD5 Fingerprints | Digital signature algorithm that verifies data integrity by creating a 128-bit message digest or fingerprint. The fingerprint is as unique to the input data as a person's fingerprint is to only one individual person. |
SHA1 Fingerprints | Secure hashing algorithm, a cryptographic message digest algorithm used to verify data integrity by making replication of the digest or fingerprint "computationally expensive," that is, not worth the effort. |
Encoded Certificate | Content of the certificate in binary form. |
![]() |
Prints a copy of the open window to your default printer. |
![]() |
E-mails the contents of this window to your designated recipient. See the Server Administrator User's Guide for instructions about configuring your Simple Mail Transfer Protocol (SMTP) server. |
Next | Go to the next task. |
![]() |
Displays the online help for this page. |