Management and SPIRIT identity certificate attributes

Last Updated : Apr 25, 2023 |


Attribute	Value	Required
Subject	`CN={breeze-fqdn}`	Required
Validity	validity period	Required
Authority Key Identifier	hash	Required ¹
Subject Key Identifier	hash	Recommended
Key Usage	`digitalSignature`	Required
	`nonrepudiation`	Required
	`keyEncipherment`	Required
	`dataEncipherment`	Required
Extended Key Usage	`keyAgreement`	Required
	`id-kp-serverAuth = 1.3.6.1.5.5.7.3.3.1`	Required
	`id-kp-clientAuth = 1.3.6.1.5.5.7.3.3.2`	Required
Authority Information Access	`OCSP - URI:http://{ocsp-server}{:ocsp-port}{/ocsp-path}`	Optional
CRL Distribution Points	`URI:http://{crl-server}{:crl-port}{/crl-path}`	Optional
CRL Distribution Points	`URI:ldap://{crl-server}{:crl-port}{/crl-dn}`²	Optional

¹ Authority key identifiers are required elements in end entity certificates to properly establish the trust chain.

² URLs and DNs used to identify the location of CRLs in LDAP directories may be quite complex; entities configuring or consuming these must be able to handle characters as defined by the LDAP URI specification in RFC 4516.

Send Feedback

AVAYA DOCUMENTATION CENTER

No results found

AVAYA DOCUMENTATION CENTER

No results found

Administering Avaya Breeze® platform

Management and SPIRIT identity certificate attributes