16.2 Editing the Subject Name

  1. Specify the following details:

    The following attributes are the most common ones used in certificate subjects:

    Common name: The DNS name of the server.

    Specify the value, for example AcmeWebServer.provo.com. Do not include the type (cn=). The UI adds that for you.

    For Identity Server, this is the domain name of the base URL of Identity Server configuration. This value cannot be an IP address or begin with a number, to ensure that trust does not fail between providers.

    For Access Gateway, this is the published DNS name of the proxy service.

    Organizational unit: Describes departments or divisions.

    Organization: Differentiates between organizational divisions.

    City or town: Commonly referred to as the Locality.

    State or province: Commonly referred to as the State. Do not abbreviate the name.

    Country: The country, such as US.

  2. Add additional attributes based on requirements.

    These values allow you to specify additional fields that are supported by eDirectory, and you can include them as part of the subject to further identify the entity represented by the certificate.

    CN: The Common name attribute in the list of Commonly used attributes (OID: 2.5.4.3)

    C: The Country attribute in the list of Commonly used attributes (OID: 2.5.4.6)

    SN: The surname attribute (OID: 2.5.4.4)

    L: The locality attribute, which is the City or town attribute in the list of Commonly used attributes (OID: 2.5.4.7)

    ST: The State or province attribute in the list of Commonly used attributes (OID: 2.5.4.8)

    S: The State or province attribute in the list of Commonly used attributes (OID: 2.5.4.8)

    O: The Organization attribute in the list of Commonly used attributes (OID: 2.5.4.10)

    OU: The Organizational unit attribute in the list of Commonly used attributes (OID: 2.5.4.11)

    street: Describes the street address (OID: 2.5.4.9)

    serialNumber: Specifies the serial number of a device (OID: 2.5.4.5)

    title: Describes the position or function of an object (OID: 2.5.4.12)

    description: Describes the associated object (OID: 2.5.4.13)

    searchGuide: Specifies a search filter (OID: 2.5.4.14)

    businessCategory: Describes the kind of business performed by an organization (OID: 2.5.4.15)

    postalAddress: Specifies address information required for the physical delivery of postal messages (OID: 2.5.4.16)

    postalCode: Specifies the postal code of an object (OID: 2.5.4.17)

    postOfficeBox: Specifies the post office box for the physical delivery of mail (OID: 2.5.4.18)

    physicalDeliveryOfficeName: Specifies the name of the city or place where a physical delivery office is located (OID: 2.5.4.19)

    telephoneNumber: Specifies a telephone number (OID: 2.5.4.20)

    telexNumber: Specifies a telex number (OID: 2.5.4.21)

    teletexTerminalIdentifier: Specifies an identifier for a telex terminal (OID: 2.5.4.22)

    facsimileTelephoneNumber: Specifies the telephone number for a facsimile terminal (OID: 2.5.4.23)

    x121Address: Specifies the address used in electronic data exchange (OID: 2.5.4.24)

    internationalISDNNumber: Specifies an international ISDN number used in voice, video, and data transmission (OID: 2.5.4.25)

    registeredAddress: Specifies the postal address for the delivery of telegrams or expedited documents (OID: 2.5.4.26)

    destinationIndicator: Specifies an attribute used in telegram services (OID: 2.5.4.27)

    preferredDeliveryMethod: Specifies the preferred delivery method for a message (OID: 2.5.4.28)

    presentationAddress: Specifies an OSI presentation layer address (OID: 2.5.4.29)

    supportedApplicationContext: Specifies the identifiers for the OSI application contexts in the application layer (OID: 2.5.4.30)

    member: Specifies the distinguished name of an object associated with a group or a list (OID: 2.5.4.31)

    owner: Specifies the name of an object that has responsibility for another object (OID: 2.5.4.32)

    roleOccupant: Specifies the distinguished name of an object that fulfills an organizational role (OID: 2.5.4.33)

    seeAlso: Specifies the distinguished name of an object that contains additional information about the same real-world object (OID: 2.5.4.34)

    userPassword: Specifies the object's password (OID: 2.5.4.35)

    name: Specifies a name that is in the UTF-8 form of the ISO 10646 character set (OID: 2.5.4.41)

    givenName: Specifies the given or first name of an object (OID: 2.5.4.42)

    initials: Specifies the initials of an object (OID: 2.5.4.43)

    generationQualifier: Specifies the generation of an object, which is usually a suffix (OID: 2.5.4.44)

    x500UniqueIdentifier: Specifies an identifier that distinguishes between objects when a DN has been reused (OID: 2.5.4.45)

    dnQualifier: Specifies information that makes an object unique when information is being merged from multiple sources and objects could have the same RDNs (OID: 2.5.4.46)

    enhancedSearchGuide: Specifies a search filter used by X.500 users (OID: 2.5.4.47)

    protocolInformation: Specifies information that is used with the presentationAddress attribute (OID: 2.5.4.48)

    distinguishedName: Specifies the distinguished name of an object (OID: 2.5.4.49)

    uniqueMember: Specifies the distinguished name of an object associated with a group or a list (OID: 2.5.4.50)

    houseIdentifier: Identifies a building within a location (OID: 2.5.4.51)

    dmdName: Specifies a directory management domain (OID: 2.5.4.54)

    E: Specifies an e-mail address.

    EM: Specifies an e-mail address.

    DC: Specifies the domain name for an object (OID: 0.9.2342.19200300.100.1.25)

    uniqueID: Contains an RDN-type name that can be used to create a unique name in the tree (OID: 0.9.2342.19200300.100.1.1)

    T: Specifies the name of the tree root object (OID: 2.16.840.1.113719.1.1.4.1.181)

    OID: Specifies an object identifier in dot notation.

  3. To create a certificate, continue with Step 5. To create a signing request, continue with Step 5.
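As an added example (not from this documentation or the product), the following Python assembles a subject from the attributes in Steps 1 and 2, enforces the Common name rule given for Identity Server (a DNS name, not an IP address, not beginning with a number), and DER-encodes the resulting X.501 Name; the attribute names and OIDs are the ones listed above, and the sample values are constructed.

```python
import ipaddress
# Short name -> OID, from the attribute list in this section; S and ST both name 2.5.4.8.
OIDS = {
    "CN": "2.5.4.3", "C": "2.5.4.6", "SN": "2.5.4.4", "L": "2.5.4.7",
    "ST": "2.5.4.8", "S": "2.5.4.8", "O": "2.5.4.10", "OU": "2.5.4.11",
    "street": "2.5.4.9", "serialNumber": "2.5.4.5",
    "DC": "0.9.2342.19200300.100.1.25",
}

def is_ip_address(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def check_common_name(cn):
    """Identity Server rule from the text: a DNS name, never an IP address, never digit-first."""
    if is_ip_address(cn) or cn[:1].isdigit():
        raise ValueError(f"Common name {cn!r} must be a DNS name that does not start with a number")

def der_tlv(tag, body):  # DER tag-length-value, definite length form
    n = len(body)
    if n < 128:
        return bytes([tag, n]) + body
    size = (n.bit_length() + 7) // 8
    return bytes([tag, 0x80 | size]) + n.to_bytes(size, "big") + body

def der_oid(dotted):  # OBJECT IDENTIFIER: first two arcs packed, the rest base-128
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc := arc >> 7:
            chunk.append(0x80 | (arc & 0x7F))
        out.extend(reversed(chunk))
    return der_tlv(0x06, bytes(out))

def encode_subject(rdns):
    """rdns: (attribute, value) pairs in X.500 order (C first, CN last).
    Returns the DER Name (SEQUENCE OF SET OF AttributeTypeAndValue) and its RFC 4514 string."""
    encoded, text = [], []
    for attr, value in rdns:
        oid = OIDS[attr]
        if oid == "2.5.4.3":
            check_common_name(value)
        str_tag = 0x13 if oid in ("2.5.4.6", "2.5.4.5") else 0x0C  # RFC 5280: C, serialNumber are PrintableString
        atv = der_tlv(0x30, der_oid(oid) + der_tlv(str_tag, value.encode("utf-8")))
        encoded.append(der_tlv(0x31, atv))  # each RDN is a SET holding one AttributeTypeAndValue
        text.append(attr + "=" + "".join("\\" + c if c in ',+"\\<>;' else c for c in value))
    return der_tlv(0x30, b"".join(encoded)), ",".join(reversed(text))  # RFC 4514 lists CN first
```

The DER bytes are what a CSR or certificate builder places in its subject field, so the same checks can run before a request is ever submitted to the CA.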