When using a globally signed certificate, each client must verify certificate field values to avoid trusting certificates that the same Certificate Authority has signed for other clients. This is resolved by requiring your clients to test the value of fields in the identity portion of the certificate. A Certificate Authority must guarantee the accuracy of the identification information in any certificate that it signs.
For more information about globally signed certificates, see Globally-signed certificates.
When creating a certificate using the createcert utility, you enter values for the organization, organizational unit, and common name fields. You verify these fields using corresponding client connection parameters. It is strongly recommended that you verify certificate fields if you are using a third-party Certificate Authority to globally sign certificates.
Organization The organization field corresponds to the certificate_company encryption protocol option. See certificate_company protocol option.
Organizational unit The organizational unit field corresponds to the certificate_unit encryption protocol option. See certificate_unit protocol option.
Common name The common name field corresponds to the certificate_name encryption protocol option. See certificate_name protocol option.
For more information about client-side encryption connection parameters, see Encryption connection parameter [ENC].
Discuss this page in DocCommentXchange. Send feedback about this page using email. |
Copyright © 2009, iAnywhere Solutions, Inc. - SQL Anywhere 11.0.1 |