This submenu is called up from X.509 Root Certificates.
Sections on this page:
This section displays information about the owner of the CA certificate.
Depending on the certificate, not all parameters listed here must be given.
Parameters |
Description |
|---|---|
Specifies the name of your own certification authority |
|
As a rule, the email address of the administrator of your own certification authority or their department is entered. |
|
Organisational unit, such as a department name, e.g. "Security" |
|
Specifies the organisation for which the certificate was issued, for example "Company" |
|
Location, for example a town like "Neuenhof" |
|
Federal state, canton, province or similar, for example "AR" for "Appenzell Ausserrhoden" |
|
Country, for example "CH" for "Switzerland" |
|
Serial number of the certificate |
This section displays information about the issuer of the CA certificate (root certificate).
Depending on the issuer, not all parameters listed here have to be given.
Parameters |
Description |
|---|---|
Name of the issuing certification authority |
|
Generally, this is an email address for support enquiries to the issuer |
|
Specifies an organisational unit of the issuer |
|
Specifies the issuing organisation |
|
Indicates the location of the issuer |
|
Indicates a federal state, canton, province or similar where the issuer is located |
|
Specifies the country where the issuer is located |
Specifies the validity of your own CA certificate.
Parameters |
Description |
|---|---|
Issue date of the certificate |
|
Expiration date of the certificate |
The fingerprint is the checksum (also hash) and is used to verify a certificate. At this point, the hash algorithm (for example MD5 SHA1 or SHA256) with which the checksum was formed as well as the calculated value are displayed. If several fingerprints of different algorithms are available, each one is output in a separate line.
Parameters |
Description |
|---|---|
SHA1 fingerprint of the certificate Example: D8:CF:CC:47:84:92:A9:F0:7E:2A:15:E8:2E:4F:CA:26:5C:60:10:E9 |
|
SHA265 fingerprint of the certificate Example: 83:06:F6:84:34:C2:E7:79:50:47:7B:EC:32:B7:22:13:FD:1F:9C:41:B4:B4:F9:C3:AB:85:12:AA:6B:1E:D2:BE |
Displays the intended purpose of the certificate, taking only the purposes from the following table into account.
Possible statuses are "Yes" or "No".
Parameters |
Description |
|---|---|
digitalSignature/digital signature |
|
keyEncipherment/key encryption |
|
keyCertSign/certificate signature |
|
keyCertSign/certificate signature |
|
keyCertSign/certificate signature |
Displays advanced information about the certificate.
Parameters |
Description |
|---|---|
Shows the signature algorithm of the certificate, for example •md5WithRSAEncryption •sha1WithRSAEncryption •sha256WithRSAEncryption |
|
Displays the point in time of the last certificate check (via CRL or OCSP). With Check now... you can force an immediate check of the revocation information. |
|
Displays the result of the last certificate check. |
|
Outputs the authority information access (abbreviated AIA) - i.e. the OCSP path. This item is only visible if the extension authority information access is set in the certificate. |
|
Outputs the crlDistributionPoint (distribution point for revocation lists), i.e. the location under which the CRL is made available. This item is only visible if the extension crlDistributionPoint is set in the certificate. |
Here, you can enter a personal comment about the certificate, for example why the corresponding trust position was selected.
Click Save comment to save this comment.
Clicking the Download certificate button allows you to save the certificate in CRT format.
Depending on the trust position, the Trust this certificatebutton, via which the trust in the certificate is confirmed, or the Untrust this certificatebutton, via which the trust is rejected, appears.
With Delete certificate, the certificate is deleted from the SEPPmail Secure E-Mail Gateway. If, subsequently, an email which has been signed with a key of this certification authority is received, the certificate will be saved again with the trust status "?" in the appliance.
