ASP Certificate Options and Requirements
  • 14 Oct 2024
  • 1 Minute à lire
  • Sombre
    Lumière
  • PDF

ASP Certificate Options and Requirements

  • Sombre
    Lumière
  • PDF

The content is currently unavailable in French. You are viewing the default English version.
Résumé de l’article

Every ASP needs to have an ASP public/private key pair with an associated certificate or certificate chain. The ASP can generate the key pair and the certificates, or purchase them from a verified third-party certification authority (CA), such as VeriSign, GlobalSign, Comodo, or DigiCert.

ASPs that intend to generate the key pairs and the certificates themselves can choose from the following options:

Requirements for ASP key pairs and certificates

The ASP certificates must meet the following requirements:

  • The key pairs and the certificates should use either the RSA PKCS #1 v1.5 or the RSA PSS digital signing algorithm. OneSpan recommends the RSA PSS digital signing algorithm.

  • All key pairs should have a key length of at least 2048 bits.

  • All certificates should use one of these hash functions:

    • SHA-256

    • SHA-384

    • SHA-512

  • The lifetime of the ASP leaf certificate should not be longer than five years.

  • The lifetime of the ASP root certificate and the intermediate certificate should not be longer than ten years.


Cet article vous a-t-il été utile ?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle