C H A P T E R 3 Keys and Certificates
3-7
Obtaining a Certificate from VeriSign§
or Other Certificate Authority
Use the create key command to create your key and the create sign
command to create a signing request to be sent to VeriSign or other
certificate authority for authentication. The certificate authority will
return it in approximately one to five days. After you have received
the certificate, use the import cert command to import it into the
7110/7115.
The fields input to create a signing request are called collectively a
Distinguished Name (DN). For optimal security, one or more fields
must be modified to make the DN unique.
Procedure
Create a key:
1. Type the create key command at the prompt:
Intel 7115> create key
Key strength (512/1024) [512]:
New keyID [001]: 002
Keypair was created for keyID: 002
2. Create a Certificate Signing Request:
Intel 7115> create sign 002
You are about to be asked to enter information
that will be incorporated into your
certificate request. The "common name" must be
unique. For other fields, you could use
default values.
Certifying authorities have specific guidelines on how to answer each
of the questions. These guidelines may vary by certifying authority.
Please refer to the guidelines of the certifying authority to whom you
submit your Certificate Signing Request (CSR). Please keep the
following in mind when entering the information that will be
incorporated into your certificate request:
• Country code: This is the two-letter ISO abbreviation for your
country (for example, US for the United States).
• State or Province: This is the name of the state or province
where your organization’s head office is located. Please enter the
full name of the state or province. Do not abbreviate.