Specify the Certificate Parameters

You can view or enter the following certificate parameters.

Subject Name
By default, this field displays the fully-typed name of the user who will own the certificate. You cannot modify this field.

Signature Algorithm
Use the drop-down list to select the signature algorithm that the certificate authority (CA) will use to sign the public key certificate. All options use the RSA** encryption algorithm. RSA encryption is a common public key algorithm.

RSA Encryption with MD2 Hash
MD2 (Message Digest 2) is recommended for compatibility with older or external PKI systems only.
MD2 has been shown to produce hash collisions. Collisions occur when two different messages hash to the same value. Using MD2 is therefore discouraged.
RSA Encryption with MD5 Hash
MD5 (Message Digest 5) is recommended for compatibility with older or external PKI systems only.
MD5 has been shown to produce pseudo-collisions on the hashed values. Using MD5 is therefore discouraged.
RSA Encryption with SHA-1 Hash
SHA-1 (Secure Hash Algorithm version 1) is a message digest function proposed by the National Institute of Standards and Technology (NIST). Novell* recommends SHA-1 for all generated public key certificates.

Validity Period
Use the browse button to specify a period over which the user certificate will be valid. The range is from six months to the maximum, the year 2036 (a time limitation based on a 32-bit time value). If you choose the Specific Dates option, you can edit the Effective Date and the Expiration Date fields to create a custom validity period. The maximum date selected must fall within the validity date of the CA.

Effective Date
This field is used to display or edit the time and date when the user certificate becomes valid.

Expiration Date
This field is used to display or edit the time and date when the user certificate becomes invalid.

E-mail Address
The e-mail address is used as a secondary or alternate subject name. Some cryptography-enabled applications that are used for secure e-mail require a certificate to specify an e-mail address.

* Novell trademark. ** Third-party trademark. For more information, see Trademarks.