Certificate: Data: Version: 3 (0x2) Serial Number: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef Signature Algorithm: sha1WithRSAEncryption Issuer: O=Sun Microsystems Inc, OU=VeriSign Trust Network, OU=Class 3 MPKI Secure Server CA, CN=Sun Microsystems Inc SSL CA Validity Not Before: Apr 4 00:00:00 2006 GMT Not After : Apr 3 23:59:59 2008 GMT Subject: C=<...country...>, (1) ST=<...state or province...>, (2) L=<...locality...>, (3) O=Sun Microsystems Inc, OU=<...business unit or interface name...>, (4) OU=Class B, CN=<...FQDN1...> (5) Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd: 01:23:45:67:89:ab:cd:ef:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Alternative Name: (6) DNS:<...FQDN1...>, DNS:<...FQDN2...>, ... X509v3 Basic Constraints: CA:FALSE X509v3 CRL Distribution Points: URI:http://SVRC3SecureSunMicrosystems-MPKI-crl.verisign.com/SunMicrosystemsIncClassBUnified/LatestCRLSrv.crl X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Authority Key Identifier: keyid:01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23:45:67 X509v3 Subject Key Identifier: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23:45:67 Authority Information Access: OCSP - URI:http://onsite-ocsp.verisign.com X509v3 Certificate Policies: Policy: 2.16.840.1.113733.1.7.23.3 CPS: https://www.verisign.com/rpa Policy: 2.16.840.1.113536.509.3647 CPS: https://www.sun.com/pki/cps User Notice: Explicit Text: Validated For Sun Business Operations X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha1WithRSAEncryption 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23: 01:23:45:67 ==COMMENTS==================================================== Dynamic components in Subject DN -------------------------------- 1. C official two letter ISO 3166 country abbreviation (e.g. US, CA, GB, PL). 2. ST full name of state or province (e.g. New York, California, British Columbia). 3. L (optional) locality; if present, typically city or town (e.g. Mountain View). 4. additional OU (optional) if present, typical values are: business unit or interface name. 5. dynamic CN must be non-empty, value: primary FQDN (full hostname). Dynaminc extension component ---------------------------- 6. subjectAltName extension (optional) if present, the extension must list one or more (up to 20) FQDNs, and the primary FQDN must be one of them. NOTES: supported modulus sizes: 1024 (see above) or 2048 bits; validity period: 1 or 2 years.