File extension:
*1 Available only when the key algorithm is 1024 bits or more.
●
Up to 150 CA certificates can be registered.
◼
Registration of S/MIME Certificates
●
The algorithms and formats of S/MIME certificates that can be registered are as follows.
RSA signature algorithm:
RSA public-key algorithm (key length):
DSA signature algorithm:
DSA public-key algorithm (key length):
ECDSA signature algorithm:
ECDSA public-key algorithm (key length): ECDSA (P256/P384/P521)
Certificate format:
File extension:
*1 Available only when the key algorithm is 1024 bits or more.
●
Up to 2,000 S/MIME certificates can be registered.
◼
Registration of Certificate Revocation Lists (CRL)
Up to 50 certificate revocation lists (CRL) can be registered. Note, however, that CRL cannot be registered in the
following cases.
●
The data size of the CRL exceeds 1 MB.
●
An unsupported signature algorithm is being used.
●
The number of revoked certificates registered in one CRL file exceeds 1,000.
◼
Definition of "Weak Encryption"
When <Prohibit Use of Weak Encryption> is set to <On>, the use of the following algorithms are prohibited.
Hash:
HMAC:
Common key cryptosystem: RC2, RC4, DES
Appendix
cer/pem
SHA-1/SHA-256/SHA-384
RSA (512 bits/1024 bits/2048 bits/4096 bits)
SHA-1
DSA (1024 bits/2048 bits/3072 bits)
SHA-1/SHA-256/SHA-384/SHA-512
X.509 DER/PEM
cer/pem
MD4, MD5, SHA-1
HMAC-MD5
1065
*1
*1
/SHA-512
/MD2/MD5