1. Securing HCM
  2. Types of Certificates

Types of Certificates

For a PGP or X.509 certificate, one operation creates both the public and private keys. From the Certificates page, select the Generate option. In a Generate page, select the certificate format, then enter values appropriate for the format.

For a PGP certificate, these values include:

  • An alias (name) and passphrase to identify the certificate uniquely.

  • The type of generated key: DSA or RSA.

  • Key length: 512, 1024, or 2048.

  • Encryption algorithm option for key generation: AES128, AES256

For an X.509 certificate, these values include:

  • An alias (name) and private key password to identify the certificate uniquely.

  • A common name, which is an element of the "distinguished name" for the certificate. The common name identifies the entity for which the certificate is being created, in its communications with other web entities. It must match the name of the entity presenting the certificate. The maximum length is 64 characters.

  • Optionally, other identifying values: Organization, Organization Unit, Locality, State/Province, and Country. These are also elements of the distinguished name for the certificate, although the Security Console doesn't perform any validation on these values.

  • An algorithm by which keys are generated, MD5 or SHA1.

  • A key length.

  • A validity period, in days. This period is preset to a value established on the General Administration page. You can enter a new value to override the preset value.