Digital Certificates

Generating a Self Signed Signing Certificate

A Signing Certificate is required to create Client and Server Certificates. The signing process ensures that the source of the certificate is known and the certificate is valid. Multiple Signing Certificates may be created and stored on the Security Server, but only one may be active at a time.

Creating a Self Signed Signing Certificate

  1. On the MenuBar, go to Certificates:Generate to display the Generate New Certificate or Request dialog.

  2. Select the Signing Certificate radio button, the Both radio button, and the appropriate Key Size radio button. Key sized greater than 768 bits are recommended.

  3. Enter the Certificate Name: It must be 8 characters or fewer containing numbers, letters, or underscores. It is used to create the certificate and private key filenames.

  4. Enter the Challenge Password: It must be at least four characters containing numbers, letters, or underscores. It is used to protect the private key file from unauthorized use.

  5. Enter the Common Name: This is generally a computer name or address. Some CAs require that this field not contain any blanks or special characters.

  6. Enter the Email Address: This is used when generating Client Certificates or Client Certificate Requests and may be left blank for Server or Signing Certificates.

  7. Enter the Organization Name: This specifies the Organization Name portion of the Distinguished Name field.

  8. Enter the Organization Unit: This specifies the Organization Unit portion of the Distinguished Name field.

  9. Enter the Locality or City: This specifies the Locality portion of the Distinguished Name field.

  10. Enter the State or Province: This specifies the State or Province portion of the Distinguished Name field. Some CAs require that this field contain the full state name.

  11. Enter the Country Code: This specifies the Country Code portion of the Distinguished Name field.

  12. Enter the Validity Period: This field is set by the CA and is not part of the Certificate Request.

  13. Click the Generate... button to generate the certificate and key files.

  14. The Certificate Request Complete dialog appears indicating the name and location of the Certificate Request, Certificate, and Private Key File.