Personal certificate requests settings
Use this page to create a new certificate request that can be extracted and sent to a certificate authority (CA).
To view this administrative console page, click . Under Configuration settings, click . Under Related items, click . Under Additional Properties, click Personal certificates requests. Then click the New button.
Personal certificate requests are temporary place holders for certificates that will be signed by a certificate authority (CA). The private key is generated during the certificate request generation, but only the certificate is sent to the CA. The CA generates a new certificate, signed by the CA.
File for certificate request
Specifies the fully qualified file name from which the certificate request is exported.
This portion of the certificate request can be given to the certificate authority to generate the
real certificate. After the real certificate is generated, you can perform a Receive a
certificate from a certificate authority from the personal certificate collection
view.
| Information | Value |
|---|---|
| Data type: | String |
Key label
Specifies the alias that represents the personal certificate request in the key store.
| Information | Value |
|---|---|
| Data type: | String |
Key size
Specifies the size of the keys that are generated.
| Information | Value |
|---|---|
| Data type: | Integer |
| Default: | 2048 |
Common name
Specifies the name of the entity that the certificate represents. This common name can represent a person, company, or machine. For web sites, the common name is frequently the DNS host name where the server resides.
| Information | Value |
|---|---|
| Data type: | String |
Organization
Specifies the organization portion of the distinguished name.
| Information | Value |
|---|---|
| Data type: | String |
Organizational unit
Specifies the organization unit portion of the distinguished name. This field is optional.
| Information | Value |
|---|---|
| Data type: | String |
Locality
Specifies the locality portion of the distinguished name. This field is optional.
| Information | Value |
|---|---|
| Data type: | String |
State or province
Specifies the state portion of the distinguished name. This field is optional.
| Information | Value |
|---|---|
| Data type: | String |
Zip code
Specifies the zip code portion of the distinguished name. This field is optional.
| Information | Value |
|---|---|
| Data type: | Integer |
Country or region
Specifies the country portion of the distinguished name.
| Information | Value |
|---|---|
| Data type: | String |
![[8.5.5.18 or later]](../images/ng_v85518.svg)
SAN email address
Identifies the email address value to include in the subject alternative name (SAN) extension. This field is optional.
SAN IP address
Identifies the IP address value to include in the subject alternative name (SAN) extension. This field is optional.
SAN DNS name
Identifies the DNS name of the server for the subject alternative name (SAN), which is usually the same as the CN value. This field is optional.
Key usage
Identifies the key usage certificate extensions to include in the certificate. This field is optional.
Valid values are digital_signature, non_repudiation,
key_encipherment, data_encipherment,
encipher_only, and decipher_only.
Extended key usage
Identifies the extended key usage certificate extensions to include in the certificate. This field is optional.
Valid values are ServerAuth_Id, ClientAuth_Id,
CodeSigning_Id, EmailProtection_Id,
IPSecEndSystem_Id, IPSecTunnel_Id, IPSecUser_Id,
and TimeStamping_Id.