Table of Contents
Advertisement
"Properties" tab
This tab presents the Key size (bits), the Validity (days) and the Encryption algorithm for the
certification authority (including the CRL validity (days) for the CA, limited to a maximum of 3650
days), user certificates, Smartcard certificates and server certificates.
Adding a sub-CA
During the creation of a sub-CA, the windows are similar to those for the root CA. The configuration
wizard for a sub-CA requires a "parent" reference from which it will copy information.
The CA selected as a reference for the sub-CA will be the default CA, or the last CA selected before
clicking on "Add a sub-CA".
You will need to enter a CN and an ID to begin with. Next, enter the password of the parent
authority in the field "Password for the parent CA".
The icon
Click on Next.
The screen that follows will ask for the password of your CA and a confirmation.
You can also enter your E-mail address, Key size (in bits), as well as the duration of your sub-
CA's Validity (in days).
You will then see a summary of the information entered.
To view your sub-CA in the list to the left, expand the parent CA to which it is attached.
Click Finish.
By clicking on the relevant sub-CA, detailed information about it will be displayed on the right side
of the screen in 3 tabs:
"Details" tab
These 4 sections will contain the same data concerning the " Validity " of the authority, its
recipient ("Issued for"), its "Issuer" and its "Fingerprint" (information about the product and its
version).
"CRL" tab
Rounds up information regarding the CRL: its la validity including the last and next update, the
table of distribution points and the table of revoked certificates which should contain a serial
number, a revocation date and a reason for the revocation (optional).
"Properties" tab
This tab presents the Key size (bits) and the Validity (days) for the certification authority
(including the CRL validity (days) for the CA, limited to a maximum of 3650 days), user
certificates, Smartcard certificates and server certificates.
Adding a user certificate
In the configuration wizard, the administrator will specify information relating to the user for whom
he wishes to create a certificate, by entering the user's e-mail address.
Page 70/448
allows you to view the password in plaintext to check that it is correct.
NOTE
SNS - USER CONFIGURATION MANUAL V.3
sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
CERTIFICATES AND PKI
- Quick Links:
- Administrator Management
Hide quick links:
Advertisement
Table of Contents
