You create certificates based on the service type. You must be an ADAM administrator to create a certificate.
The following roles are recommended:
SPC Enterprise administrator
When you start the Certificate Management console, you may be prompted to provide the root certificate password. If you have previously opened the console or you are logged on in the context of the user who installed SPC Enterprise, you are not prompted. The root certificate password is created during SPC Enterprise installation.
Certain text boxes are used as the default information from a previous certificate, but all of the items can be edited. Every box is required. The information is not validated. You should verify that the information is accurate.
You create a certificate that uses Secure Hash Algorithm (SHA), a set of cryptographic hash functions. The National Security Agency (NSA) designed the set of functions. The National Institute of Standards and Technology (NIST) publishes the set of functions as a Federal Information Processing Standard. Windows XP and Server 2003 cannot obtain certificates using SHA-2 algorithms unless the operating systems have been updated with the appropriate Windows hotfix.
The available encryption options are:
Table: Encryption options
If you create a certificate with a larger key size, the creation process may take more time on certain computers.
The Service Types available are the following:
Application Server SSL
Encryption Management Service
You can only create the Encryption Management Service certificate on the computer that hosts the Directory Support Service.
In the Expires In box, select the length of the certificate's lifetime.
For the following boxes, you can provide a name or accept the name from the previous certificate:
In the Country box, provide a two-character code. You can also accept the default code from the previous certificate. You can find a list of the codes at: