User's Manual
l 1024-bit RSA (not recommended for a root certificate)
l 2048-bit RSA (recommended for general use)
l 4096-bit RSA (higher security)
l X9.62/SECG curve over a 256-bit prime field
l NIST/SECG curve over a 384-bit prime field
10.In the Self-Signed Certificate area, for a root certificate the CA Expiration field is included in the form.
Use this field to specify the lifetime of the root certificate in days. The default value is 365 days.
11.Use the Digest Algorithm drop-down list to specify which hash algorithm should be used to sign the
digital certificate request. Options include:
l SHA-1
l SHA-224
l SHA-256
l SHA-384
l SHA-512
12.Click Create Certificate Authority.
l If you selected root mode, the root certificate is included in the Certificate Authorities list.
l If you selected intermediate mode, the Intermediate Certificate Request page opens with text for the
certificate signing request (CSR). You can send the CSR to a certificate authority, who will generate a
signed certificate you can install. See "Requesting a Certificate for the Certificate Authority" on page 105.
l If you selected imported mode, the Certificate Authority Certificate Import form opens, where you can
upload the digital certificates and private key to the server. See"Installing a Certificate Authority’s
Certificate " on page 105.
Editing Certificate Authority Settings
You can edit some properties of a certificate authority after you create it, and configure some attributes that
were not included on the setup form.
To edit a certificate authority, go to Onboard >Certificate Authorities, click the certificate to expand its row,
and click its Edit link. The Certificate Authority Settings form opens.
In the basic information area at the top of the form, the Name and Description fields are used internally to
identify this certificate authority for the network administrator. These values are never displayed to the user
during device provisioning.
Dell Networking W-ClearPass Guest 6.4 | User Guide Onboard | 101