What is the difference between a critical and non-critical extension?
Originally Published: 2008-01-17
Article Number
Applies To
RSA Certificate Manager
Issue
Not sure if Critical or non-critical should be selected when issuing a certificate
Resolution
According to the X.509 standard, the user of a certificate should reject the certificate if an extension is flagged as critical and is not recognized. If the extension is flagged as non-critical and is aslo not recognized, the application may decide to accept the certificate anyway.
As an example, most browsers will recognize major extensions like KeyUsage, so it is a good practice to leave this extension as critical.
Related Articles
What is the meaning of yellow flags in Microsoft Internet Explorer's icons for critical extensions? Number of Views 'Critical Error' with software Token for Windows Number of Views C_SetCertBER returns error E_UNKNOWN_CRITICAL_EXTENSION Number of Views Hibernate WARN messages flooding logs in RSA Identity Governance & Lifecycle Number of Views Critical Updates for RSA SecurID Access Components Used with the Cloud Authentication Service Number of Views
Trending Articles
RSA Authentication Manager 8.3 Dell 630 and 230 hardware appliance loses ability to access keyboard when running PING 4.0 … RSA SecurID software token .sdtid file fails to import into RSA SecurID Software Token 5.0 for Windows RSA Release Notes for RSA Authentication Manager 8.8 How a Multi-App Entitlement Collector (MAEDC) resolves entitlement relationships with accounts and groups collected by a M… RSA Governance & Lifecycle 8.0 Patch 10 Release Notes
Don't see what you're looking for?
