State Or Province Name: From the address of the organization creating up the Cer-
tificate.
Locality Name: Locale of the organization creating the Certificate.
Organization Name: The name of the organization creating the Certificate.
Organization Unit Name: The applicable subdivision of the organization creating
the Certificate.
Common Name (e.g. Hostname or IP): This is the name of the host being authen-
ticated. The Common Name field in the X.509 Certificate must match the host-
name, IP address, or URL used to reach the host via HTTPS.
Email Address: This is the email address of the organization creating the Cer-
tificate.
Challenge Password: Valid response password to server challenge.
Optional Organization Name: An optional name for the organization creating the
Certificate.
Self-Signed Certificate Expiration (Days): How many days before the Certificate
expires. The default is 7200.
You are required to select a signature algorithm, a private key passphrase of at least
4characters, a private key bit length, and the Certificate expiration in days. The remain-
ing fields are optional.
It is recommended that you consult your Certificate Authority for the required fields in an
X509-Certificate request. Spectracom recommends all fields be filled out and match the
information given to your Certificate Authority. For example, use all abbreviations,
spellings, URLs, and company departments recognized by the Certificate Authority. This
helps to avoid problems the Certificate Authority might otherwise have reconciling Cer-
tificate request and company record information.
If necessary, consult your web browser vendor’s documentation and Certificate Authority
to see which key bit lengths and signature algorithms your web browser supports.
Spectracom recommends that when completing the Common Name field, the user
provide a static IP address, because DHCP-generated IP addresses can change. If the
hostname or IP address changes, the X.509 Certificate must be regenerated.
It is recommended that the RSA Private Key Bit Length be a power of 2 or multiple of 2.
The key bit length chosen is typically 1024, but can range from 512 to 4096. Long key
bit lengths of up to 4096 are not recommended because they can take several hours to
generate. The most common key bit length is the value 1024.
Note: The default key bit length value is 2048.
When using a self-signed Certificate, choose values based on your company’s security
policy.
70
CHAPTER 2 • SecureSync User Reference Guide Rev. 26
2.13 Configuring Network Settings
To Next Page
Loading...
