Format
|
Key: PKCS#12*1
CA certificate: X.509 DER/PEM
|
File extension
|
Key: ".p12", ".pfx"
CA certificate: ".cer"
|
Public key algorithm (and key length)
|
RSA (512 bits*2, 1024 bits, 2048 bits, 4096 bits)
ECDSA (P256, P384, P521)
|
Certificate signature algorithm
|
RSA: SHA1*3, SHA256, SHA384*4, SHA512*4, MD2*5, MD5*5
ECDSA: SHA1*3, SHA256, SHA384, SHA512
|
*1Requirements for the certificate contained in a key are pursuant to CA certificates.
*2The signature algorithm is available only for SHA1-RSA or SHA256-RSA.
*3Available only for a generated key and certificate signature request (CSR) or installation from the Remote UI.
*4Available only when the key algorithm is 1024 bits or more.
*5Available only for installation from the Remote UI.
|
The machine does not support use of a certificate revocation list (CRL).
|