Most public CAs will not issue certificates with IP address-based subjects, or IP address Subject Alternative Name (SAN) entries, such as those in the default self-signed SEPM certificate.Some vendors may require the subject information in the certificate to match a valid known address owned by the organization instead of the Symantec address included in the default self-signed SEPM certificate.Some organizations may require specific key algorithms or lengths besides the 2048/4096-bit SHA256 RSA key used by the default self-signed SEPM certificate.This certificate may not meet the organizational or CA requirements.
Always consult with your PKI team, and/or CA before choosing to use the SEPM default self-signed certificate.
0 kommentar(er)
