Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual page 764
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR:
Table of Contents
Advertisement
DNs in Certificate System
For example:
CN=Jane Doe, OU=Human Resources, O=Example Corporation, C=US
•
The server that owns the certified key pair (for SSL server certificates)—to form this
type of DN, use the
the form
CN=<host_name>, OU=<division_name>, O=<company_name>,
C=<country_name>
For example:
CN=corpDirectory.example.com, OU=Human Resources, O=Example
Corporation, C=US
When clients such as Netscape Navigator receive a server certificate, they expect the
CN
name in the certificate and the host name of the server do not match, Navigator notifies
the user and gives the user the choice of not connecting to the server.
For example, if Navigator goes to the URL
https://corpDirectory.example.com
it expects the
corpDirectory.example.com
example,
subject name does not match the host name in the URL.
DNs in CA Certificates
In CA certificates issued by Certificate System (for both root and subordinate CAs), DNs
are used to identify the authority who owns the certified key pair.
To form this type of distinguished name, use the
CA:
CN=<CA_name>, O=<company_name>, C=<country_name>
For example:
Corporation, C=US
DN Patterns and Certificate Subject Names
You can configure Certificate System to issue certificates with subject names that are
formulated from the directory attributes and entry DN. The
variable of the automated-enrollment modules enable you to configure the server to issue
certificates with required subject names. Note that
subject name pattern to formulate from the directory attributes and entry DN. If empty or
not set, Certificate System uses the LDAP entry DN as the certificate subject name.
764
Red Hat Certificate System Administrator's Guide • September 2005
component to specify the server's fully qualified host name in
CN
<machine_name>.<your_domain>.<domain>
component of the certificate's subject to match the host name in the URL. If the
component of the certificate's subject to be
CN
corpDir.example.com
CN=Example Corporation Certificate Authority, O=Example
and receives a certificate from the server,
. If the
component has a different value (for
CN
), Navigator notifies the user that the certificate's
component to specify the name of your
CN
dnpattern
dnpattern
:
configuration
is a string representing a
Advertisement
Table of Contents
Need help?
Do you have a question about the CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR and is the answer not in the manual?