“Details” tab
These 4 sections will contain the same data concerning the “ Validity” of the authority, its
recipient (“Issued for”), its “Issuer” and its “Fingerprint” (information about the product and its
version).
Adding a Smartcard certificate
The Smartcard certificate is linked to a Microsoft Windows account associated with a user and a
certificate. It allows signing and issuing certificates that allow the authentication of registered
users in the Active Directory (see document on Directory configuration (LDAP)\Connection to a
Microsoft Active Directory), and also in your LDAP database.
NOTE
Each user will be assigned a Windows account. Consequently, each user is assigned a
Smartcard certificate. The CA used must have defined CRLDPs.
Name (CN)
(mandatory)
Enter a name for the Smartcard certificate, limited to a maximum of 64 characters.
Identifier Even though this field is not mandatory, you can indicate here a shortcut to your CN,
which will come in handy for your command lines.
Example If you had selected a first name and last name for your CN, the ID may
indicate just the initials.
E-mail address
(mandatory)
In this field, enter the e-mail address of the user for whom you wish to create a
certificate.
Main user name
(Windows)
Enter the name of the owner of the Windows account for whom you wish to create a
Smartcard certificate.
Proceed in the same way as for adding a user certificate:
Specify the various options for your Smartcard certificate. The field “Validity” is set by default to
365 days, and the field Key size to 1024 bits.
You can then “Publish this certificate in the LDAP directory” by selecting the relevant option,
and define a password that you will confirm for the PKCS#12 container.
After having clicked on Next, select a parent CA for your certificate and enter its password. You will
see a summary of the data that was entered.
Click Finish.
By clicking on the relevant certificate, detailed information about it will be displayed on the right
side of the screen in a single tab:
“Details” tab
These 4 sections will contain the same data concerning the “ Validity” of the authority, its
recipient (“Issued for”), its “Issuer” and its “Fingerprint” (information about the product and its
version).
Adding a server certificate
The server certificate is installed on a web server and allows providing a link between them.
In the case of a website, it allows checking that the URL and its DN (domain name) belong to the
stated company.
Define the properties of the server certificate through the wizard.
Page 72/448 sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
SNS - USER CONFIGURATION MANUAL V.3
CERTIFICATES AND PKI
To Next Page
Loading...
