Table of Contents
Advertisement
Enter client certificate information based on the below descriptions.
Enter the common name for the server certificate.
Cert. Name
Note: It could be any name to identify this certificate.
Example: "ClientCertificate".
Select the CA certificate previously generated from the drop-down list.
CA Certificate
Example: "CATest".
Choose the certificate type from the drop-down list. It can be either a client or a server certificate.
Certificate Type
Choose "Server" to generate a server certificate.
Username
Select created user to generate his certificate.
Choose the key length for generating the CA certificate.
The following values are available:
● 512: 512-bit keys are not secure and it's better to avoid this option.
Key Length
● 1024: 1024-bit keys are no longer sufficient to protect against attacks.
● 2048: 2048-bit keys are a good minimum. (Recommended).
● 4096: 4096-bit keys are accepted by nearly all RSA systems. Using 4096-bit keys will dramatically increase
Choose the digest algorithm:
● SHA1: This digest algorithm provides a 160-bit fingerprint output based on arbitrary-length input.
Digest Algorithm
● SHA256: This digest algorithm generates an almost unique, fixed-size 256 bit hash.
Note: Hash is a one-way function, it cannot be decrypted back.
Enter the validity date for the CA certificate in days.
Expiration (D)
In our example, set to "120".
Select a country code from the dropdown list.
Country / Region
Example: "MA".
Figure 53: Client Certificate
generation time, TLS handshake delays, and CPU usage for TLS operations.
Advertisement
Table of Contents
