Create Device Certificate (CMPv2)
You are here: Device Administration > Certificate Management > Certificates.
To create a CMPv2 device certificate:
Field |
Action |
---|---|
CA certificate name |
Select a CA certificate name from the list or click Add CA certificate to add a CA Certificate. For details on adding a CA certificate, see Add CA Certificate. |
Digital signature |
Select a digital signature from the list. That is, RSA, DSA, ECDSA, and so on. By default, RSA-2048 is selected. |
Name |
Enter a device certificate name. |
Enrollment Parameters |
|
CA secret |
Enter the out-of-band secret value received from the CA server. |
CA reference |
Enter the out-of-band reference value received from the CA server. |
CA Dn |
Enter the distinguished name (DN) of the CA enrolling the EE certificate. Note:
This option is mandatory if the CA certificate is not already enrolled. If the CA certificate is already enrolled, the subject DN is extracted from the CA certificate. |
Auto re-enrollment |
Enable this option to request that the issuing CA replace a certificate before its specified expiration date. |
Renew trigger time |
Set the renew trigger time (in days). Default is 65 days and maximum is 85 days. |
Regenerate key pair |
Enable this option to automatically generate a new key pair when a device certificate is automatically re-enrolled. |
Subject (Minimum of one field required) |
|
Domain component |
Enter the domain component that you want to associate with the certificate. |
Common name |
Enter a common name for the certificate. |
Organizational unit name |
Enter the name of the organizational unit that you want to associate with the certificate. |
Organizational name |
Enter the name of the organization that you want to associate with this certificate. |
Serial number |
Device serial number is autopopulated. |
Locality |
Enter the origin locality name. |
State |
Enter the origin state name. |
Country |
Enter the origin country name. |
Subject Alt Name |
|
Domain name |
Enter a domain name that you want to associate with the certificate. |
|
Enter an email address of the entity owning the certificate. |
IPv4 address |
Enter the IPv4 address of the device. |
IPv6 address |
Enter the IPv6 address of the device. |