When using a globally signed certificate, each client must verify certificate field values to avoid trusting certificates that the same Certificate Authority has signed for other clients. This is resolved by requiring your clients to test the value of fields in the identity portion of the certificate. A Certificate Authority must guarantee the accuracy of the identification information in any certificate that it signs.
For more information about globally signed certificates, see Globally-signed certificates.
When creating a certificate using the createcert utility, you enter values for the organization, organizational unit, and common name fields. You verify these fields using corresponding client connection parameters.
Organization The organization field corresponds to the certificate_company encryption connection parameter.
Organizational unit The organizational unit field corresponds to the certificate_unit encryption connection parameter.
Common name The common name field corresponds to the certificate_name encryption connection parameter.
For more information about client-side encryption connection parameters, see Encryption connection parameter [ENC].