This submenu is called up from X.509 Certificates.
Sections on this page:
This section displays information about the owner of the SSL certificate.
Depending on the certificate, not all parameters listed here must be given.
Parameters |
Description |
|---|---|
This field contains the name of the applicant as it was transmitted to the CA with the application for the certificate. This may sometimes include the email address in the following form Email: john.doe@mycompany.tld Generally, however, email addresses are no longer accepted as "CN". |
|
Generally, the email address of the applicant is displayed. This can also be a collective address. |
|
Organisational unit, such as a department name, e.g. "Accounting" |
|
Specifies the organisation for which the certificate was issued, for example My Company Corporation |
|
Location, for example a town like "Neuenhof" or also a partial building like plant2 |
|
Federal state, canton, province or similar, for example Paradigm State |
|
Country, for example com for "commercial" |
|
Serial number of the certificate |
|
Displays the Email address as well as any applicable alternative names. |
This section displays information about the issuer of the SSL certificate (root certificate).
Depending on the issuer, not all parameters listed here have to be given.
Parameters |
Description |
|---|---|
Name of the issuing certification authority |
|
Generally, this is an email address for support enquiries to the issuer |
|
Specifies an organisational unit of the issuer |
|
Specifies the issuing organisation |
|
Indicates the location of the issuer |
|
Indicates a federal state, canton, province or similar where the issuer is located |
|
Specifies the country where the issuer is located |
|
Serial number of the certificate |
Shows the validity of the certificate.
Parameters |
Description |
|---|---|
Issue date of the certificate |
|
Expiration date of the certificate |
The fingerprint is the checksum (also hash) and is used to verify a certificate. At this point, the hash algorithm (for example MD5 SHA1 or SHA256) with which the checksum was formed as well as the calculated value are displayed. If several fingerprints of different algorithms are available, each one is output in a separate line.
Parameters |
Description |
|---|---|
SHA1 fingerprint of the certificate Example: D8:CF:CC:47:84:92:A9:F0:7E:2A:15:E8:2E:4F:CA:26:5C:60:10:E9 |
|
SHA265 fingerprint of the certificate Example: 83:06:F6:84:34:C2:E7:79:50:47:7B:EC:32:B7:22:13:FD:1F:9C:41:B4:B4:F9:C3:AB:85:12:AA:6B:1E:D2:BE |
Section Valid e-mail addresses
In this section you can specify alternative email addresses for which the keys are also to be available. Thus a certificate which is primarily issued for
Associated Email Address: john.doe@mycompany.tld
and therefore, as applicant, something like
E = john.doe@mycompany.tld
CN = John Doe
O = My Company Corporation
C = com
would be indicated, could also be used for the alternative email addresses j.doe@mycompany.tld and doe@mycompany.tld for encryption if these addresses were entered.
This could be helpful, for example, when changing the top-level domain of an email domain from .uk to .com.
After saving via Save addresses, an additional input field is displayed.
Displays the intended purpose of the certificate, taking only the purposes from the following table into account.
Parameters |
Description |
||
|---|---|---|---|
digitalSignature/digital signature |
|||
keyEncipherment/key encryption |
|||
keyCertSign/certificate signature |
|||
Indicates whether this certificate is used for encryption to the applicant (Issued to) and/or to the email address(es) entered under Valid e-mail addresses.
|
Click on Save usage to save changes.
Displays advanced information about the certificate.
Parameters |
Description |
|---|---|
Shows the signature algorithm of the certificate, for example •md5WithRSAEncryption •sha1WithRSAEncryption •sha256WithRSAEncryption |
|
Displays the crypto system with which the key has been generated. Generally, this is RSA. |
|
Shows the key length. Generally, only key lengths of 2048 bit and more are used. |
|
Displays the point in time of the last certificate check (via CRL or OCSP). With Check now... you can force an immediate check of the revocation information. |
|
Displays the date of the last successful OCSP and/or CRL check. |
|
Displays the result of the last certificate check. |
|
Outputs the authority information access (abbreviated AIA) - i.e. the OCSP path. This item is only visible if the extension authority information access is set in the certificate. |
|
Outputs the crlDistributionPoint (distribution point for revocation lists), i.e. the location under which the CRL is made available. This item is only visible if the extension crlDistributionPoint is set in the certificate. |
|
Specifies which keys are included, private, public/ |
Here, you can enter a personal comment about the certificate, for example why the corresponding trust position was selected.
Click on Save comment to save this comment.
Clicking the Download certificate button allows you to save the certificate in CRT format.
With Delete certificate, the certificate is revoked by the SEPPmail Secure E-Mail Gateway and deleted by a second click, if applicable.
