24.9 Viewing Certificate Details

The Certificate Details page lists the properties of a certificate, such as certificate type, name, subject, and assigned keystores. The fields are not editable.

  1. In the Administration Console, click Access Manager > Certificates.

  2. Click the name of a certificate.

    The Certificate Details page contains the following information about the certificate:

    Issuer: Displays the name of the CA that created the certificate.

    Serial number: Displays the serial number of the certificate.

    Subject: Displays the subject name of the certificate.

    Valid from: Displays the first date and time that the certificate is valid.

    Valid to: Displays the date and time that the certificate expires.

    Devices: Indicates the devices that are configured to hold this certificate on their file system.

    Key size: Indicates the key size that was used to create the certificate.

    Signature algorithm: Indicates the signature algorithm that was used to create the certificate.

    Finger print (MD5): Displays the certificate's message digest that was calculated with the MD5 algorithm. It is embedded into the certificate at creation time. It can be used to uniquely identify a certificate. For example, a user can verify that a certificate is the one they think it is by matching a published MD5 fingerprint with the MD5 fingerprint on the local certificate.

    Finger print (SHA1): Displays the certificate's message digest that was calculated with the SHA1 algorithm. It is embedded into the certificate at creation time. It can be used to uniquely identify a certificate. For example, a user can verify that a certificate is the one they think it is by matching a published SHA1 fingerprint with the SHA1 fingerprint on the local certificate.

    Subject Alternate Names: Critical: Indicates whether an application should reject the certificate if the application does not understand the alternate name extensions. Any configured alternate names are displayed in the list.

    Key Usage: Critical: Indicates whether an application should reject the certificate if the application does not understand the key usage extensions.

    Sign CRLs: Indicates whether the certificate is used to sign CRLs (Certificate Revocation Lists).

    Sign certificates: Indicates that the certificate is used to sign other certificates.

    Encrypt other keys: Indicates that the certificate is used to encrypt keys.

    Encrypt data directly: Indicates that the certificate encrypts data for private transmission to the key pair owner. Only the intended receiver can read the data.

    Create digital signatures: Indicates that the certificate is used to create digital signatures.

    Non-repudiation: Indicates that the certificate links a digital signature to the signer and the data. This prevents others from duplicating the signature because no one else has the signer’s private key. Additionally, the signer cannot deny having signed the data.

    CRL Distribution Points: Displays a list of Certificate Revocation List (CRL) distribution points that are embedded into the certificate as an extension at certificate creation time. Implementations search the CRL from each distribution point (the distribution point is usually a URI that points to a store of revoked certificates) to see whether a certificate has been revoked.

    Authority Info Access (OCSP): Displays a list of Online Certificate Status Protocol (OCSP) responders that are embedded into the certificate as an extension at certificate creation time. Implementations query the OCSP responder to see whether a certificate has been revoked.
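
The fingerprint comparison described under Finger print (MD5) and Finger print (SHA1), as an added example that is not part of the product or its documentation: it hashes the certificate's DER encoding, normalizes a published fingerprint string, and compares the two. The function names and sample bytes are constructed for illustration, and SHA-256 is accepted in addition to the two algorithms the page lists.

```python
import base64
import hashlib
import hmac
import re

# Hex-digit count of a fingerprint -> digest algorithm (SHA-256 is an addition to the page's two).
ALG_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256"}
PEM_BODY = re.compile(rb"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)


def to_der(cert: bytes) -> bytes:
    """Return DER bytes; PEM input is base64-decoded, anything else is treated as DER."""
    m = PEM_BODY.search(cert)
    return base64.b64decode(m.group(1)) if m else cert


def fingerprint(cert: bytes, alg: str) -> str:
    """Digest of the whole DER-encoded certificate, as colon-separated uppercase hex."""
    hexd = hashlib.new(alg, to_der(cert)).hexdigest().upper()
    return ":".join(hexd[i:i + 2] for i in range(0, len(hexd), 2))


def matches_published(cert: bytes, published: str) -> bool:
    """Compare a local certificate against a published fingerprint string."""
    # Accept "AB:CD:..", "ab cd ..", "AB-CD-.." or bare hex.
    wanted = re.sub(r"[\s:\-]", "", published).lower()
    alg = ALG_BY_HEX_LEN.get(len(wanted))
    if alg is None or not re.fullmatch(r"[0-9a-f]+", wanted):
        raise ValueError("not an MD5, SHA-1 or SHA-256 fingerprint: %r" % published)
    actual = hashlib.new(alg, to_der(cert)).hexdigest()
    return hmac.compare_digest(actual, wanted)


# Constructed stand-in bytes (a tiny DER SEQUENCE), not a real certificate.
SAMPLE_DER = bytes.fromhex("3003020101")
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(SAMPLE_DER)
              + b"-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    for alg in ("md5", "sha1"):
        print(alg, fingerprint(SAMPLE_PEM, alg))
    print(matches_published(SAMPLE_DER, fingerprint(SAMPLE_PEM, "sha1")))
```

MD5 and SHA-1 are no longer collision-resistant, so when the publisher also provides a SHA-256 fingerprint, compare that one as well.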