Creating a Certificate Authority

This step presents all of the necessary fields to create a new certificate authority (CA). Every option on this page is required, and all fields must be filled out correctly to proceed. The CA is used to establish a trust base from which the server certificates can be generated and deemed “trustworthy” by clients. Because this CA is self-generated, it will only be trusted by clients who are also supplied with a copy of this CA certificate.

Descriptive Name A name for reference to identify this certificate. This is the same as Common Name field for other Certificates. For this example CA, ExampleCoCA is used. Although using spaces in this field is allowed, we strongly discourage using spaces in a Common Name field because some clients have issues handling them properly.

Key Length Size of the key which will be generated. The larger the key, the more security it offers but larger keys are generally slower to use. 2048 is a good choice.

Lifetime The time in days that this CA will be valid. On a self-generated CA such as this, it is commonly set to 3650, which is approximately 10 years.

Country Code Two-letter ISO country code (e.g. US, AU, CA). If the two-letter ISO country code is unknown, locate it on the ISO Online Browsing Platform site. Since the ExampleCo company is set in the United States, enter US for this example.

State or Province Full unabbreviated State or Province name (e.g. Texas, Indiana, California). Exam- pleCo is located in Texas for this example.

City City or other Locality name (e.g. Austin, Indianapolis, Toronto). ExampleCo’s headquarters is in Austin.

Organization Organization name, often the Company or Group name. ExampleCo goes here for this example. Do not use any special characters in this field, not even punctuation such as a period or comma.

E-Mail E-mail address for the Certificate contact. Often the e-mail of the person generating the certifi- cate, such as [email protected].

Click Add new CA to finish the CA creation process