Re: certificate questions

[johanna bromberg craig <canna@xxxxxxxxx>]

since you're at umich, these are our policies//guidelines

1) you're right, the cn is the domain name/hostname, but they don't  
*have* to match, it is just preferred. The only requirement is that  
the cn end in umich.edu, feel free to "make up" a hostname.

2) in this case it's the umwebCA, so you should it to  
webmaster@xxxxxxxxx and ask for a umwebCA signed cert.

-J

On Sep 14, 2005, at 2:43 PM, Will Jaynes wrote:

> I'm taking a look at the JavaCosign filter and would like to set it  
> up on my development workstation. The install section of the  
> README.txt file talks about creating a keystore and a certificate  
> and a signing request, and then "Have your CA sign the CSR". This  
> brings up a couple questions for me:
>
> 1) The certificate requires a CN. I assume this should be a domain  
> name, and I assume the dn should be that of the machine the  
> certificate will be used on. Are those assumptions correct? My  
> development workstation doesn't have a domain name. It's a DHCP  
> client and only has an IP, and not always the same IP. Is this  
> going to be a problem with regard to the certificate?
>
> 2) Who is my CA, and where do I send the CSR to have it signed?
>
> thanks for any info,
> Will
>
> !DSPAM:43286f72320518690210016!