ASP Certificate Options and Requirements
- 14 Oct 2024
- 1 Minute à lire
- Impression
- SombreLumière
- PDF
ASP Certificate Options and Requirements
- Mis à jour le 14 Oct 2024
- 1 Minute à lire
- Impression
- SombreLumière
- PDF
The content is currently unavailable in French. You are viewing the default English version.
Résumé de l’article
Avez-vous trouvé ce résumé utile ?
Merci pour vos commentaires
Every ASP needs to have an ASP public/private key pair with an associated certificate or certificate chain. The ASP can generate the key pair and the certificates, or purchase them from a verified third-party certification authority (CA), such as VeriSign, GlobalSign, Comodo, or DigiCert.
ASPs that intend to generate the key pairs and the certificates themselves can choose from the following options:
Requirements for ASP key pairs and certificates
The ASP certificates must meet the following requirements:
The key pairs and the certificates should use either the RSA PKCS #1 v1.5 or the RSA PSS digital signing algorithm. OneSpan recommends the RSA PSS digital signing algorithm.
All key pairs should have a key length of at least 2048 bits.
All certificates should use one of these hash functions:
SHA-256
SHA-384
SHA-512
The lifetime of the ASP leaf certificate should not be longer than five years.
The lifetime of the ASP root certificate and the intermediate certificate should not be longer than ten years.
Cet article vous a-t-il été utile ?