Distinguished names – Allied Telesis AT-S63 User Manual

AT-S63 Management Software Features Guide

Section IX: Management Security

467

Distinguished Names

Part of the task to creating a self-signed certificate or enrollment request is
selecting a distinguished name. A distinguished name is integrated into a
certificate along with the key and can have up to five parts. The parts are:



cn - common name

This can be the name of the person who will use the certificate.



ou - organizational unit

This is the name of a department, such as Network Support or IT.



o - organization

This is the name of the company.



st - state

This is the state.



c - country

This is the country

A certificate name does not need to contain all of these parts. You can use
as many or as few as you want. You separate the parts with a comma. You
can use alphanumeric characters, as well as spaces in the name strings.
You cannot use quotation marks. To use the following special characters
{=,+<>#;\<CR>}, type a “\” before the character.

Following are a few examples. This distinguished name contains only one
part, the name of the switch:

cn=Production Switch

This distinguished name omits the common name, but includes everything
else:

ou=Network Support,o=XYZ Inc.,st=CA,c=US

So what would be a good distinguished name for a certificate for the
AT-9400 Switch? If the switch has an IP address, such as a master switch
of an enhanced stack, you could use its address as the name. The
following example is a distinguished name for a certificate for a master
switch with the IP address 149.11.11.11:

cn=149.11.11.11