|
| Chapter 18 Certificates | |
| Table 68 Certificates > My Certificate Create (continued) | ||
| LABEL | DESCRIPTION |
|
| Organization | Type up to 127 characters to identify the company or group to which |
|
|
| the certificate owner belongs. You may use any character, including |
|
|
| spaces, but the NWA drops trailing spaces. |
|
|
|
|
|
| Country | Type up to 127 characters to identify the nation where the certificate |
|
|
| owner is located. You may use any character, including spaces, but |
|
|
| the NWA drops trailing spaces. |
|
|
|
|
|
| Key Length | Select a number from the |
|
|
| many bits the key should use (512 to 2048). The longer the key, the |
|
|
| more secure it is. A longer key also uses more PKI storage space. |
|
|
|
|
|
| Enrollment Options | These radio buttons deal with how and when the certificate is to be |
|
|
| generated. |
|
|
|
|
|
| Create a self- | Select Create a |
|
| signed certificate | the certificate and act as the Certification Authority (CA) itself. This |
|
|
| way you do not need to apply to a certification authority for |
|
|
| certificates. |
|
|
|
|
|
| Create a | Select Create a certification request and save it locally for |
|
| certification | later manual enrollment to have the NWA generate and store a |
|
| request and save it | request for a certificate. Use the My Certificate Details screen to |
|
| locally for later | view the certification request and copy it to send to the certification |
|
| manual enrollment | authority. |
|
|
| Copy the certification request from the My Certificate Details |
|
|
| screen (Section 18.4.3 on page 214) and then send it to the |
|
|
| certification authority. |
|
|
|
|
|
| Create a | Select Create a certification request and enroll for a |
|
| certification | certificate immediately online to have the NWA generate a |
|
| request and enroll | request for a certificate and apply to a certification authority for a |
|
| for a certificate | certificate. |
|
| immediately online | You must have the certification authority’s certificate already |
|
|
| imported in the Trusted CAs screen. |
|
|
| When you select this option, you must select the certification |
|
|
| authority’s enrollment protocol and the certification authority’s |
|
|
| certificate from the |
|
|
| authority’s server address. You also need to fill in the Reference |
|
|
| Number and Key if the certification authority requires them. |
|
|
|
|
|
| Enrollment | Select the certification authority’s enrollment protocol from the |
|
| Protocol |
| |
|
| Simple Certificate Enrollment Protocol (SCEP) is a |
|
|
| enrollment protocol that was developed by VeriSign and Cisco. |
|
|
| Certificate Management Protocol (CMP) is a |
|
|
| enrollment protocol that was developed by the Public Key |
|
|
| Infrastructure X.509 working group of the Internet Engineering Task |
|
|
| Force (IETF) and is specified in RFC 2510. |
|
|
|
|
|
| CA Server Address | Enter the IP address (or URL) of the certification authority server. |
|
|
|
|
|
| 213 |
|
|