Self-signed certificates settings
Create self-signed certificates.
From the administrative console, click:
Security > SSL certificate and key management > Configuration settings > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Related items > Key stores and certificates > keystore > Additional Properties > Personal certificates > Create (drop-down list) > Self-signed certificate.
This same help file is available when you create a new certificate or view an existing certificate. The fields are described in the order in which they appear, and according to how they are used, on the administrative console.
Alias
Alias for the personal certificate in the keystore.
Enter the alias name for the personal certificate in the keystore when you create a certificate.
The alias name is read-only when you view an existing certificate.
Data type: Text
Version
Version of the personal certificate. Valid versions include X509 V3, X509 V2, or X509 V1. IBM recommends using X509 V3 certificates.
This field is read-only when you create or view a certificate.
Data type: Text
Default: X509 V3
Range:
Key size
Key size of the private key used by the personal certificate.
When you create a certificate, you can select the key size from the drop-down list. This field is read-only when you view a certificate.
Data type: Integer
Default: 1024
Other valid key sizes: 512, 2048, 4096
Common name
Common name portion of the distinguished name (DN). IBM recommends that this name be the host name of the machine on which the certificate resides. In some cases, the common name is used to log in during Secure Sockets Layer (SSL) certificate authentication; therefore, in some cases, this name might be used as a user ID for a local operating system registry.
When you create a new certificate, you can enter the common name in this field. This field does not display when you view an existing certificate.
Data type: Text
Serial number
Identifies the certificate serial number generated by the issuer of the certificate. When creating a certificate this field does not appear.
This field is read-only when you view an existing certificate.
Validity period
Length in days during which the certificate is valid. The default is 365 days. You can enter any number of days.
This field is read-only when you view an existing certificate. This field displays a validity period as a range of days between two dates. For example, Valid from March 16, 2008 to March 16, 2009.
Data type: Text
Organization
Organization portion of the distinguished name. This field is optional.
This field displays only when you create a new certificate.
Data type: Text
Organization unit
Organization unit portion of the distinguished name. This field is optional.
This field displays only when you create a new certificate.
Data type: Text
Locality
Locality portion of the distinguished name. This field is optional.
This field displays only when you create a new certificate.
Data type: Text
State/Province
State portion of the distinguished name. This field is optional.
This field displays only when you create a new certificate.
Data type: Text
Zip code
The zip code portion of the distinguished name. This field is optional.
This field displays only when you create a new certificate.
Data type: Integer
Country or region
Select the country portion of the distinguished name from the drop-down list. This field is optional.
This field displays only when you create a new certificate.
Data type: Text
Default: (none)
Validity period
Identifies the length, in days, for which the certificate is valid. The default is 365 days.
This field is read-only when you view an existing certificate and shows the start and end dates.
Issued to
Identifies the distinguished name of the entity to which the certificate was issued.
This field is read-only when you view an existing certificate.
Issued by
Identifies the distinguished name of the entity that issued the certificate. When the personal certificate is self-signed, this name is identical to the Issued to distinguished name.
This field is read-only when you view an existing certificate.
Fingerprint (SHA Digest)
Identifies the Secure Hash Algorithm (SHA hash) of the certificate, which can be used to verify the certificate's hash at another location, such as the client side of a connection.
This field is read-only when you view an existing certificate.
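The fingerprint comparison described above, as an added Python example (not part of the IBM help text or product code). It assumes the displayed value is a hex SHA-1 or SHA-256 digest of the DER-encoded certificate, optionally separated by colons or spaces; the function names and the sample bytes are constructed for illustration.

```python
import hashlib
import hmac
import ssl

# Assumption: the fingerprint is a SHA-1 (40 hex chars) or SHA-256 (64 hex
# chars) digest of the DER-encoded certificate.
ALGORITHMS = {40: "sha1", 64: "sha256"}


def normalize_fingerprint(text):
    """Drop separators and case so 'AB:CD' and 'abcd' compare equal."""
    cleaned = "".join(ch for ch in text if ch not in ": -\t\r\n").lower()
    if len(cleaned) not in ALGORITHMS or set(cleaned) - set("0123456789abcdef"):
        raise ValueError("not a SHA-1 or SHA-256 hex fingerprint")
    return cleaned


def fingerprint_matches(cert, expected):
    """True if the certificate (PEM text or DER bytes) hashes to `expected`."""
    der = ssl.PEM_cert_to_DER_cert(cert) if isinstance(cert, str) else cert
    want = normalize_fingerprint(expected)
    got = hashlib.new(ALGORITHMS[len(want)], der).hexdigest()
    return hmac.compare_digest(got, want)  # constant-time comparison


def display_form(hex_digest):
    """Format a digest as colon-separated upper-case pairs (assumed display style)."""
    return ":".join(hex_digest[i:i + 2] for i in range(0, len(hex_digest), 2)).upper()


# Constructed sample: placeholder bytes standing in for a DER certificate.
# In practice the client obtains the PEM with ssl.get_server_certificate((host, port)).
SAMPLE_DER = b"\x30\x82" + b"constructed sample, not a real certificate"
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER)

if __name__ == "__main__":
    recorded = display_form(hashlib.sha1(SAMPLE_DER).hexdigest())  # value noted on the server
    print("recorded fingerprint:", recorded)
    print("same certificate    :", fingerprint_matches(SAMPLE_PEM, recorded))
    print("altered certificate :", fingerprint_matches(SAMPLE_DER + b"\x00", recorded))
```

Because a self-signed certificate has no issuing CA to vouch for it, comparing the fingerprint recorded on the server with the one computed on the client is how the client confirms it received the same certificate.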
Signature algorithm
Identifies the algorithm used to sign the certificate.
This field is read-only when you view an existing certificate.