Select the Certificate Basic Constraint

Path Length

Unspecified

Select this option if you don't wish to specify how many levels of subordinate CA's can be created under this CA.

Specific

Select this option if you wish to specify how many levels of subordinate CA's can be created under this CA. Click the up and down arrows to specify the path length.

Set Basic Constraints Extension to Critical

Check the check box to set the basic constraints extension to critical. Any extension that is critical must be understood by the receiving software before the certificate can be used for any purpose. Therefore, marking an extension as critical does pose some risk, since not all applications will be able to use the certificate. However, for well-known extensions such as key usage, the risk is minimal. In general, if key usage is specified, the extension should be marked critical.

* Novell trademark. ** Third-party trademark. For more information, see Trademarks.