
Distinguished names – Allied Telesis AT-S62 User Manual

Page 707


AT-S62 Management Software Menus Interface User’s Guide

Section VII: Management Security


general use, but will only be used by you and other network managers,
you might decide that the switch’s certificate need not be issued by this
type of CA.

Some large companies have private CAs. A private CA is a person or group
within the company with the responsibility of issuing certificates for the
company’s network equipment. The value of a private CA is that the
company can keep track of the certificates and control access to various
network devices.

If your company is large enough, it might have a private CA and you might
want that group to issue any AT-8500 Series certificates, if for no other
reason than to follow company policy.

To obtain a CA certificate, you have to create a key pair. You then need to
generate a digital document called an enrollment request. The request
will contain the public key, along with other information you want the CA to
use to create the certificate.

Before you send an enrollment request to a CA, you should first contact
the CA to determine what other documents or procedures might be
required in order for the CA to create the certificate. This is particularly
important with public CAs, which typically have strict guidelines on issuing
certificates.

Distinguished Names

Part of the task of creating a self-signed certificate or enrollment request is
selecting a distinguished name. A distinguished name is integrated into a
certificate along with the key. A distinguished name can have up to five
parts. The parts are:

• cn - common name
  This can be the name of the person who will use the certificate.

• ou - organizational unit
  This is the name of a department, such as Network Support or IT.

• o - organization
  This is the name of the company.

• st - state
  This is the state.

• c - country
  This is the country.

A certificate name does not have to contain all of these parts. You can use
as many or as few as you want. You separate the parts with a comma. You
can use alphanumeric characters, as well as spaces in the name strings.
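
The naming rules above can be checked before a name is entered on the switch. The following is an added example, not code from the manual or from Allied Telesis. It assumes each part is written attr=value, that attribute names are case-insensitive, and that each attribute appears at most once. The names parse_dn and check_dn and the sample names are hypothetical.

```python
import re

# Attribute types the manual lists for a distinguished name.
ALLOWED = ("cn", "ou", "o", "st", "c")
# The manual allows alphanumeric characters and spaces in the name strings,
# so a comma can only ever be a separator, never part of a value.
VALUE_RE = re.compile(r"[A-Za-z0-9 ]+")


def parse_dn(dn):
    """Return {attr: value} for a DN that follows the manual's rules, else raise ValueError."""
    parts = {}
    for raw in dn.split(","):
        # Assumption: each part is written attr=value (the usual DN notation).
        attr, sep, value = raw.partition("=")
        attr, value = attr.strip().lower(), value.strip()
        if not sep:
            raise ValueError(f"part {raw!r} is not attr=value")
        if attr not in ALLOWED:
            raise ValueError(f"unknown attribute {attr!r}")
        if attr in parts:  # Assumption: each attribute appears at most once.
            raise ValueError(f"duplicate attribute {attr!r}")
        if not VALUE_RE.fullmatch(value):
            raise ValueError(f"value for {attr!r} must be alphanumerics and spaces")
        parts[attr] = value
    return parts


def check_dn(dn):
    """Return (ok, detail): the parsed parts on success, the error text on failure."""
    try:
        return True, parse_dn(dn)
    except ValueError as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the manual.
    samples = (
        "cn=Jane Smith,ou=Network Support,o=Example Corp,st=CA,c=US",
        "cn=switch1,c=US",           # a name may use only some of the parts
        "cn=Jane Smith,l=San Jose",  # 'l' is not one of the five parts
        "cn=jane@example.com",       # '@' and '.' are not alphanumeric
        "cn=a,cn=b",
    )
    for sample in samples:
        print(sample, "->", check_dn(sample))
```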