Spectracom SecureSync 1200 User Reference Manual page 81

4.
CHAPTER •
2 SecureSync User Reference Guide Rev. 23
Optional Organization Name : An optional name for the organization creating
the certificate.
Self-Signed Certificate Expiration (Days) : How many days before the certificate
expires. The default is 7200.
You are required to select a signature algorithm, a private key passphrase of at least
4 characters, a private key bit length, and the certificate expiration in days. The remain
ing fields are optional.
It is recommended that you consult your Certificate Authority for the required fields in
an X 509-certificate request. Spectracom recommends all fields be filled out and match
the information given to your Certificate Authority. For example, use all abbreviations,
spellings, URLs, and company departments recognized by the Certificate Authority. This
helps to avoid problems the Certificate Authority might otherwise have reconciling cer
tificate request and company record information.
If necessary, consult your web browser vendor's documentation and Certificate Authority
to see which key bit lengths and signature algorithms your web browser supports.
Spectracom recommends that when completing the Common Name field, the user
provide a static IP address, because DHCP-generated IP addresses can change. If the
hostname or IP address changes, the X.509 certificate must be regenerated.
It is recommended that the RSA Private Key Bit Length be a power of 2 or multiple of 2.
The key bit length chosen is typically 1024, but can range from 512 to 4096. Long key
bit lengths of up to 4096 are not recommended because they can take several hours to
generate. The most common key bit length is the value 1024.
Note: The default key bit length value is 2048.
When using a self-signed certificate, choose values based on your company's security
policy.
When the form is complete, check the box Create Self Signed Certificate at the top of
the window, then click Submit . Clicking the Submit button automatically generates the
Certificate Request in the proper format for subsequent submission to the Certificate
Authority.
It may take several minutes for SecureSync to create the certificate
Note:
request and the private key (larger keys will require more time than small
keys). If the unit is rebooted during this time, the certificate will not be cre
ated.
To view the newly generated request, in the HTTPS Setup window, click the Certificate
Request tab.
2.14 Configuring Network Settings
65