Skip to main content
Skip table of contents

Entering the Data for the Certificate Signing Request (CSR)

→ Go to Network > SCEP Client (NDES) > Certificate and enter the following data:

Type of CommonName/SubjectAltName: The characteristic for linking the certificate to the device.

  • IP address: The IP address of the device.

  • DNS name: The DNS name of the device.

  • IP address (auto): The IP address of the device (inserted automatically).

  • DNS name (auto): The DNS name of the device (inserted automatically).

  • Email address: An email address.

  • DNS name as UPN (auto)

If the client automatically obtains its network name, DNS Name (auto) is a good type for the client certificate.

 

The following parameter is available if Type of CommonName/SubjectAltName is set to IP address, DNS name, or Email address:

CommonName/SubjectAltName: Give a designation which matches the Type of CommonName/SubjectAltName. For certain types, this occurs automatically. No entry is then required.

The following parameter is available if Type of CommonName/SubjectAltName is set to IP address (auto), DNS name (auto), or DNS name as UPN (auto):

CommonName/SubjectAltName Suffix: Specifies a suffix that will be added to CommonName/SubjectAltName.
Possible values:

  • "none": No suffix will be added.

  • "dot + DNS domain (auto)": The system's current DNS domain name separated with a dot will be added. Example: .igel.local

  • Free text entry: The manually entered suffix will be added. Take notice that the percent symbol "%" is used for introducing the escape sequence, and thus the following replacements take place automatically:

    • %D is replaced by the system's DNS domain name at the time the certificate signing request (CSR) is created. Example: @%D will be changed into @igel.de if the system's current DNS domain name is igel.de.

    • %% will be replaced by %. Example: A%%B will be changed into A%B.

    • Other combinations with % are currently discarded. Example: A%BC will be changed into AC.

If you have to specify the suffix manually, make sure you enter the separator.

 

Organizational unit: Stipulated by the certification authority.

Organization: A freely definable designation for the organization to which the client belongs.

Locality: Details regarding the device’s locality. Example: "Augsburg".

State: Details regarding the device’s locality. Example: "Bayern".

Country: Two-digit ISO 3166-1 country code. Example: "DE".

RSA key length (bits): Select a key length (one suited to the certification authority) for the certificate that is to be issued.
Possible values:

  • "1024"

  • "2048"

  • "4096"

The RSA key length specified here must not be lower than the minimum key length configured on the server.



JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close