A User Certificate is a Certificate is issued by certifying authority and identifies a user.
The X.509 v3 fields in a User Certificates with specific requirements are shown in Table 44.
Table 44 – User Certificate
|subject||The distinguished name of the User. The Common Name attribute shall be specified and should be name of the user. The Organization should be provided. Other attributes may be specified.The subject field is completely described in RFC 5280.|
|authorityKeyIdentifier||Provides more information about the key used to sign the Certificate. It shall be specified.|
|basicConstraints||The basicConstraints field is completely described in RFC 5280. The cA flag Identifies whether the subject of the Certificate is a CA The pathLength specifies the maximum depth of valid chains that include this Certificate. The cA flag shall be FALSE for User Certificates.The pathLength shall not be present.|