CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: certificate questions

since you're at umich, these are our policies//guidelines

1) you're right, the cn is the domain name/hostname, but they don't *have* to match, it is just preferred. The only requirement is that the cn end in, feel free to "make up" a hostname.

2) in this case it's the umwebCA, so you should it to webmaster@xxxxxxxxx and ask for a umwebCA signed cert.


On Sep 14, 2005, at 2:43 PM, Will Jaynes wrote:

I'm taking a look at the JavaCosign filter and would like to set it up on my development workstation. The install section of the README.txt file talks about creating a keystore and a certificate and a signing request, and then "Have your CA sign the CSR". This brings up a couple questions for me:

1) The certificate requires a CN. I assume this should be a domain name, and I assume the dn should be that of the machine the certificate will be used on. Are those assumptions correct? My development workstation doesn't have a domain name. It's a DHCP client and only has an IP, and not always the same IP. Is this going to be a problem with regard to the certificate?

2) Who is my CA, and where do I send the CSR to have it signed?

thanks for any info,


Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010