This documentation applies to the 8.0 version of Remedy Action Request System, which is in "End of Version Support." You will not be able to leave comments.

To view the latest version, select the version from the Product version menu.

Sample certificates

Two sample certificates are shown below:

Example: Microsoft Windows Certificate

Certificate information

Certificate section

Description

Common Name (CN) for Issuer

Acme CA

Organizational Unit (OU)

Support

Organization (O)

BMC

Location (L)

San Francisco

State (ST)

CA

Country (C)

US



Windows certificate


Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:c9:54:50:18:2a:bf:a5:43:17:25:6a:ff:3a:47:fa
        Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
        Issuer: CN=Acme CA, OU=Support, O=BMC, L=San Francisco, ST=CA,
C=US, E=user@bmc.com
        Validity:
            Not Before: Thu Mar 25 20:50:35 2011
            Not After: Sat Mar 25 20:50:35 2015
        Subject: CN= CA, OU=Support, O=BMC, L=San Francisco, ST=CA,
C=US, E=user@bmc.com
        Subject Public Key Info:
            Public Key Algorithm: PKCS #1 RSA Encryption
            RSA Public Key:
                Modulus:
				.
				.
				.
Exponent: 65537 (0x10001)
        Signed Extensions:
            Name:
                2b:06:01:04:01:82:37:14:02
            Data: ""
            Name:
                Certificate Key Usage
            Data:
                03:02:01:46
            Name:
                Certificate Basic Constraints
            Critical:
                True
            Data: Is a CA with a maximum path length of -2.
            Data: Is a CA with a maximum path length of -2.
            Name:
                Certificate Subject Key ID
            Data:
                04:14:20:a1:e7:b8:9e:e7:f7:49:22:fb:47:b6:fd:c5:
                e3:20:fa:67:6d:e3
            Name:
                CRL Distribution Points
            Data: Sequence {
                Sequence {
                    Option 0
				.
				.
				.
            Name:
                2b:06:01:04:01:82:37:15:01
            Data: 131328 (0x20100)
Fingerprint (MD5):
        D4:1D:8C:D9:8F:00:B2:04:E9:80:09:98:EC:F8:42:7E
    Fingerprint (SHA1):
DA:39:A3:EE:5E:6B:4B:0D:32:55:BF:EF:95:60:18:90:AF:D8:07:09
Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
    Signature:
				.
				.
				.
Certificate Trust Flags:
        SSL Flags:
            Valid CA
            Trusted CA
            Trusted Client CA
        Email Flags:
            Valid Peer
            Trusted
        Object Signing Flags:
            Valid Peer
            Trusted

Example: Separate Certificate Authority

This certificate shows a separate Issuer and Subject Common Name (CN).

To generate a certificate with separate CAs

At the command line, enter:


C:\CertUser\ldap>certutil.exe -L -d c:\CertUser\ldap\Sequoia
USOMALDC01  CT,P,P
USADISBDC07 CT,P,P

C:\CertUser\ldap>certutil.exe -L -n USADISBDC07 -d c:\CertUser\ldap\Sequoia



Certificate information

Option

Description

Common Name (CN)

VeriSign (Issuer) Acme (Subject)

Organizational Unit (OU)

Shared Services

Organization (O)

Sequoia Institute

Location (L)

Sopia Landing

State (ST)

New York

Country (C)

US



Separate certificate authority


Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:19:a1:ae:00:00:00:00:57:d9
        Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
        Issuer: "CN=VeriSign,OU=Shared Services,O=Sequoia Institute,L=Sopia Landing,ST=New York,C=US"
        Validity:
            Not Before: Thu Oct 14 13:12:02 2010
            Not After : Sat Oct 13 13:12:02 2012
        Subject: "CN=Acme,OU=Domain Controllers, DC=Sequoia,DC=com"
        Subject Public Key Info:
            Public Key Algorithm: PKCS #1 RSA Encryption
            RSA Public Key:
                Modulus:
				.
				.
				.
            Name: Extended Key Usage
                TLS Web Client Authentication Certificate
                TLS Web Server Authentication Certificate
                Microsoft KP SmartCard Logon
                Microsoft KP SmartCard Logon
            Name: Certificate Key Usage
            Usages: Digital Signature
                    Key Encipherment
                    Key Encipherment
            Name: OID.1.3.6.1.4.1.311.21.10
            Data: Sequence {
                Sequence {
                    TLS Web Client Authentication Certificate
                }
                Sequence {
                    TLS Web Server Authentication Certificate
                }
                Sequence {
                    Microsoft KP SmartCard Logon
                }
            }
            }
            Name: Certificate Subject Key ID
            Data:
				.
				.
				.
            Name: Certificate Authority Key Identifier
            Key ID:
				.
				.
				.
Name: CRL Distribution Points
            URI: "ldap:///CN=VeriSign,CN=VeriSign,CN=CDP,CN=Public%20Key%
                20Services,CN=Services,CN=Configuration,DC=Sequoia,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint"
                20Services,CN=Services,CN=Configuration,DC=Sequoia,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint"
            Name: Authority Information Access
            Method: PKIX CA issuers access method
            Location:
                URI: "ldap:///CN=Acme,CN=AIA,CN=Public%20Key%20Services
,CN=Services,CN=Configuration,DC=Sequoia,DC=com?cACertificate?base?objectClass=certificationAuthority"
            Method: PKIX CA issuers access method
            Location:
                URI: "http://VeriSign.Sequoia.com/CertEnroll/VeriSign.Sequoia.com_VeriSign.crt"
                URI: "http://VeriSign.Sequoia.com/CertEnroll/VeriSign.Sequoia.com_VeriSign.crt"
            Name: Certificate Subject Alt Name
            DNS name: "Acme.am.Sequoia.com"
            DNS name: "Acme.am.Sequoia.com"
    Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
    Signature:
				.
				.
				.
    Fingerprint (MD5):
        19:D2:22:17:CE:65:76:9A:B1:CE:EC:A2:F7:29:46:F0
    Fingerprint (SHA1):
        4F:0C:1D:C6:94:AE:98:CB:CC:95:0D:3B:27:5D:C3:AA:83:17:BF:62
        4F:0C:1D:C6:94:AE:98:CB:CC:95:0D:3B:27:5D:C3:AA:83:17:BF:62
    Certificate Trust Flags:
        SSL Flags:
            Valid CA
            Trusted CA
            Trusted Client CA
        Email Flags:
            Valid Peer
            Trusted
        Object Signing Flags:
            Valid Peer
            Trusted
Was this page helpful? Yes No Submitting... Thank you

Comments