Deployment Guide

Creating a Certificate

From the Certificate Management page, click the Generate a new certificate signing request link to access the

Certificate Request form.

To create a new certificate or certificate signing request, first select the type of certificate you want to create from

the Certificate Type drop-down list:

l TLS Client Certificate—Use this option when the certificate is to be issued to a client, such as a user or a user’s

device.

n When this option is selected, the issued certificate’s extended key usage property will contain a value of

“Client Auth”, indicating that the certificate may be used to identify a client.

l Trusted Certificate—Use this option when the certificate is to be issued to a network server, such as a Web

server or as the EAP-TLS authentication server.

n When this option is selected, the issued certificate’s extended key usage property will contain a value of

“Server Auth”, indicating that the certificate may be used to identify a server.

l Certificate Authority—Use this option when the certificate is for a subordinate certificate authority.

n When this option is selected, the issued certificate will contain an extension identifying it as an intermediate

certificate authority, and the extended key usage property will contain the three values “Client Auth”, “Server

Auth” and “OCSP Signing”.

l Code Signing—Use this option for signing the Windows provisioning application.

Specifying the Identity of the Certificate Subject

In the first part of the form, provide the identity of the person or device for which the certificate is to be issued (the

“subject” of the certificate). Together, these fields are collectively known as a distinguished name, or “DN”.

l Country

l State

l Locality

l Organization

Dell Networking W-ClearPass Guest 6.0 | Deployment Guide

Creating a Certificate

| 93