The value of the PrivateKeyUsagePeriod extension in certificates issued by Security Manager when the request:

  • Includes the optionalCertificateRequestDetails.validityPeriod field, and
  • Does not include the optionalCertificateRequestDetails.privateKeyUsagePercentage field.

See below for the values supported by this setting.

apply-full-pkup

PrivateKeyUsagePeriod

true​

The 100% of the optionalCertificateRequestDetails.validityPeriod value.

false

Set by the CA.

As explained in RFC2459,  the PrivateKeyUsagePeriod extension "allows the certificate issuer to specify a different validity period for the private key than the certificate".

Mandatory: No. This optional value defaults to true.