Generating a key |
Top Previous Next |
To generate a private key, navigate to the Keys module in the top menu bar (for a global private key) or to the SECURITY > Keys module of a domain (for a domain-level private key). (See Key management overview)
Figure 22
Select the Server Keys tab and click on the Generate > Generate Key button. The Generate Server Key dialog is displayed.
In the General tab, enter a desired Key alias. This alias will be used to refer to this particular server key in this MFT Server environment.
Also specify the following:
Key algorithm - The algorithm used in generating this key. Valid options are RSA, DSA, and EC.
Key length - The length of the key in bytes. Valid options are 1024, 2048, and 4096.
Figure 23
In the Parameters tab, specify the following:
Validity - The number of days this key will be valid.
Common name (CN) - The name you wish to assign this key. Typically the domain name this key will serve e.g. ftp.mydomain.com
Note: Some browsers have already deprecated the CN and recognize the Subject Alternative Name (SAN) instead.
Subject Name Alternative or Subject Alternative Name (SAN) - This host's domain name or, if you're generating this key for a multi-domain certificate, a comma-separated list of domains (as shown in Figure 290 below).
Organizational unit - The unit within your organization that this key will be used for e.g. IT.
Organization - Your organization name.
Locality - Your city.
State/Province - Your state or province.
Country - Your 2 character country code e.g. "US".
Figure 290
Advanced
Key usage - Key usage parameter for certificate associated with server key.
Extended key usage - Extended key usage parameter for certificate associated with server key.
CRL URL - Certificate revocation list URL.
Sign with - Sign certificate with specified key.
|