Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual page 89

Key Length. Available key sizes for RSA are 512, 768, 1024, 2048, 4096, or
❍
Custom. Available key sizes for DSA are 512, 1024, or Custom (which must be in
increments of 64 bits only).
See "Signing Key Type and Length" on page 82 for more information.
Click Next to continue.
Message Digest Algorithm. Select the algorithm to use for computing the certificate
21.
signature. The choices are: SHA-1, MD2, or MD5.
Click Next to continue.
Subject Name for SSL Server Certificate. Type the values for the subject DN
22.
components; these values identify the root CA's SSL server certificate. The CN must
be the fully-qualified host name of the machine on which you're installing the
Certificate Manager.
Click Next to continue.
Validity Period for SSL Server Certificate. Select the validity period for the SSL
23.
server certificate. The validity period determines how soon you will have to renew the
certificate.
Click Next to continue.
Certificate Extensions for SSL Server Certificate. Select the required extensions.
24.
The default settings should work for most deployments. If necessary, you can add an
additional extension by pasting its base-64 encoding in the space provided on this
screen (see Step 17).
Click Next to continue.
SSL Server Certificate Creation. This informational screen tells you that the
25.
configuration wizard has all the required information to generate a key pair and its
corresponding certificate.
Click Next to generate the certificate.
Single Sign-on Summary. Check the summary and select whether to retain or delete
26.
the
password.conf
Click Next to continue.
Configuration Status. This screen should indicate that your configuration has been
27.
successful.
Click Done to exit the Installation Wizard.
file. For details, see "Token Password Storage" on page 244.
Installing a Certificate Manager
Chapter 3 Certificate Manager 89