Novell LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009 Manual page 180

17.2.4 Creating or Revoking User
Creating client and server certificates is very similar to creating CAs in
"Creating a Root CA"
for e-mail signature, the e-mail address of the sender (the private key owner) should
be contained in the certificate to enable the e-mail program to assign the correct certifi-
cate. For certificate assignment during encryption, it is necessary for the e-mail address
of the recipient (the public key owner) to be included in the certificate. In the case of
server and client certificates, the hostname of the server must be entered in the Common
Name field. The default validity period for certificates is 365 days.
To create client and server certificates, do the following:
1 Start YaST and open the CA module.
2 Select the required root CA and click Enter CA.
3 Enter the password if entering a CA for the first time. YaST displays the CA key
4 Click Certificates (see
Figure 17.3 Certificates of a CA
168 Security Guide
Certificates
(page 164). The same principles apply here. In certificates intended
information in the Description tab.
Figure 17.3 ).
Section 17.2.1,