CN | Common Name | This is the fully qualified domain name (FQDN) that specifies the server’s exact location in the Domain Name System (DNS). For example, a component with hostname webBridge1 and parent domain example.com has the fully qualified domain name webBridge1.example.com. The FQDN uniquely distinguishes the component from any other components called webBridge1 in other domains. | Required, see notes below |
O | Organization or Business name | Usually the legal incorporated name of a company. It should include any suffixes such as Ltd., Inc., or Corp. Use “” around the attribute if more than one word, e.g. “Example Inc.” | Optional |
OU | Organizational unit or Department name | For example, Support, IT, Engineering, Finance. Use “” around the attribute if more than one word, e.g. “Human Resources” | Optional |
L | Location | City or town. For example, London, Boston, Milan, Berlin. | Optional |
ST | Province, Region, County or State | For example, Buckinghamshire, California. | Optional |
C | Country | The two-letter ISO code for the country where your organization is located. For example, US, GB, FR. | Optional |
An email address | An email address to contact the organization. Usually the email address of the certificate administrator or IT department. | Optional | |
SAN | Subject Alternative Name | From X509 Version 3 (RFC 2459), SSL certificates are allowed to specify multiple names that the certificate should match. This field enables the generated certificate to cover multiple domains. It can contain IP addresses, domain names, email addresses, regular DNS host names, etc, separated by commas. If you specify this list you must also include the CN in this list. Although this is an optional field, the SAN field must be completed in order for XMPP clients to accept a certificate, otherwise the XMPP clients will display a certificate error. | Required for XMPP server certificates or if a single certificate is to be used across multiple components. See note below. Note: XMPP server is not supported from version 3.0 |
No comments:
Post a Comment