000026610 - How do you create a code signing certificate with RCM?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000026610
Applies ToRSA Certificate Manager RCM 6.8
RSA Certificate Manager (RCM)
Code Signing Certificate
IssueHow do you create a code signing certificate with RCM?
Resolution

For a code signing certificate, you would want something like this:

 

VERSION:  3

SERIAL:  0x011e3e15 4da8222b 6d

SIGNATURE ALGORITHM:  SHA1 with RSA Encryption

ISSUER:                              

  Country Name:              US

  Organization Name:         Acme

  Common Name:               Acme Public CA 1

VALIDITY: 

  Not Before:  Aug 31, 11 15:01:36 GMT

  Not After:   Sep 30, 11 15:01:36 GMT

SUBJECT:                              

  Country Name:              US

  Common Name:            Code Cert

  E-mail Address:            pki@acme.com

PUBLIC KEY: 

  RSA Encryption:  1024 bits.

  MODULUS:    0xa53f59b7 a28baaef f64b5793 7db6018c

               291464a1 43a98ab2 f0115279 0dec2fcf

              30ee3725 d26a9b69 49db7493 f4aabd85

              7b63d51c bf07ceb0 aa07a31b a5ca05e8

              3553b2b7 e003be34 a45e89f8 eb10be1a

              72fa5fbf b4a1d7f3 d04a7f98 c89756cb

              d0f79e22 7bdabc55 fd9050a4 d6b84575

              614a6748 689c58a9 cfb3b0cf 3a19114f

  EXPONENT:    0x010001

EXTENSIONS: 

  Key Usage:                     Critical  Digital Signature, Non-Repudiation

  Basic Constraints:             Critical  Defaulted to EE

  Certificate Policies:               

    Policy ID:  1.3.6.1.4.1.15945.1.1.1

      Qualifier ID:  User Notice (id-qt-notice)

  CRL Distribution Points:            

    Distribution point 1: 

      Uniform Resource ID:  http://www.acme.com/Root.crl

    cCA1.crl

  Authority Information Access:       

    Method:  id-ad-ocsp

    Tagset:  Uniform Resource ID:  http://ocsp.acme.com

  Extended Key Usage:              Code Signing

OUTER SIGNATURE ALGORITHM:  SHA1 with RSA Encryption

SIGNATURE:    0x9253bcfd 409b20b9 815ed81a 1b65bf23

               f89c3f26 12d0e671 06a480c0 a350623b

              155dafef 8e33f30c 603db102 09ec3b58

              da4a48cc 1da83c26 78cd359e 08b9d2e5

              3a82c348 9da94200 7116b138 2cf972db

              adf5702e 1912edf9 b1219e5e 833a8720

              113479fb 436befac 75ce6301 4c4c58c7

              4a5fdb35 cfd23fe1 d0da0a0d c633092f

              c82dab62 2b8f7915 04943d24 5dd8b362

              b01f8856 acc92c7e a2a602b3 4d4a6fff

              4c5ddf6f 84ef05aa 8006ba04 8199130b

              ab0b009c 35ab7d9e 109a7fdf ebc11f06

              d6eaf315 4ebe7a32 b8e1bef6 7140f78e

              e8ac1a64 73dc413b 03c5d5ad 79bd2f23

              c014e8e2 d3c75fb3 682f0e68 40ee6d08

              dbd0fd90 a63a044f c10ff4b0 9e8d7248

 

 

Copy SSL client profile to create a custom code signing certificate profile and configure key usage for ?Critical  Digital Signature, Non-Repudiation?

 

Legacy Article IDa55795

Attachments

    Outcomes