Generating client certificates – Nortel Networks NN46120-104 User Manual

110

Certificates and Client Authentication

Generating client certificates

Before issuing client certificates, you should establish the means of
validating the identities of the users. The credentials users need to present
to obtain a client certificate may vary, depending on the type of service, the
size of your organization, and so on.

Step

Action

1

Specify a CA certificate by index number to use for
generating a client certificate, and generate the client
certificate.

In this example certificate number 1 is specified for generating a
client certificate. The private key corresponding with the public
key in the certificate you specify is used for signing the client
certificate.

>> Main# cfg/cert

Enter certificate number:

(1-) 1

>> Certificate 1# gensigned

Type of certificate (server/client) [client]: <press

ENTER for client certificate>

The combined length of the following parameters may not

exceed 225 bytes.

Country Name (2 letter code):

State or Province Name (full name):

Locality Name (e.g., city):

Organization Name (e.g., company):

Organizational Unit Name (e.g., section):

Common Name (e.g., your name or your server’s

hostname):

Email Address:

Subject alternative name (blank or comma separated list

of

URI:<uri>, DNS:<fqdn>, IP:<ip-address>, email:<email

-address>):

Nortel VPN Gateway

User Guide

NN46120-104

02.01

Standard

14 April 2008

Copyright © 2007-2008 Nortel Networks

.