|
| Chapter 33 Certificates |
|
|
|
| Table 164 Configuration > Object > Certificate > Trusted Certificates > Edit (continued) | |
| LABEL | DESCRIPTION |
| Issuer | This field displays identifying information about the certificate’s issuing certification |
|
| authority, such as Common Name, Organizational Unit, Organization and Country. |
|
| With |
|
| field. |
|
|
|
| Signature Algorithm | This field displays the type of algorithm that was used to sign the certificate. Some |
|
| certification authorities use |
|
| algorithm and the SHA1 hash algorithm). Other certification authorities may use rsa- |
|
| |
|
|
|
| Valid From | This field displays the date that the certificate becomes applicable. The text displays in |
|
| red and includes a Not Yet Valid! message if the certificate has not yet become |
|
| applicable. |
|
|
|
| Valid To | This field displays the date that the certificate expires. The text displays in red and |
|
| includes an Expiring! or Expired! message if the certificate is about to expire or has |
|
| already expired. |
|
|
|
| Key Algorithm | This field displays the type of algorithm that was used to generate the certificate’s key |
|
| pair (the ZyWALL uses RSA encryption) and the length of the key set in bits (1024 bits |
|
| for example). |
|
|
|
| Subject Alternative | This field displays the certificate’s owner‘s IP address (IP), domain name (DNS) or e- |
| Name | mail address (EMAIL). |
|
|
|
| Key Usage | This field displays for what functions the certificate’s key can be used. For example, |
|
| “DigitalSignature” means that the key can be used to sign certificates and |
|
| “KeyEncipherment” means that the key can be used to encrypt text. |
|
|
|
| Basic Constraint | This field displays general information about the certificate. For example, Subject |
|
| Type=CA means that this is a certification authority’s certificate and “Path Length |
|
| Constraint=1” means that there can only be one certification authority in the |
|
| certificate’s path. |
|
|
|
| MD5 Fingerprint | This is the certificate’s message digest that the ZyWALL calculated using the MD5 |
|
| algorithm. You can use this value to verify with the certification authority (over the |
|
| phone for example) that this is actually their certificate. |
|
|
|
| SHA1 Fingerprint | This is the certificate’s message digest that the ZyWALL calculated using the SHA1 |
|
| algorithm. You can use this value to verify with the certification authority (over the |
|
| phone for example) that this is actually their certificate. |
|
|
|
| Certificate | This |
|
| Enhanced Mail (PEM) format. PEM uses lowercase letters, uppercase letters and |
|
| numerals to convert a binary certificate into a printable form. |
|
| You can copy and paste the certificate into an |
|
| you can copy and paste the certificate into a text editor and save the file on a |
|
| management computer for later distribution (via floppy disk for example). |
|
|
|
| Export Certificate | Click this button and then Save in the File Download screen. The Save As screen |
|
| opens, browse to the location that you want to use and click Save. |
|
|
|
| OK | Click OK to save your changes back to the ZyWALL. You can only change the name. |
|
|
|
| Cancel | Click Cancel to quit and return to the Trusted Certificates screen. |
|
|
|
33.3.2 The Trusted Certificates Import Screen
Click Configuration > Object > Certificate > Trusted Certificates > Import to open the Trusted Certificates Import screen. Follow the instructions in this screen to save a trusted certificate to the ZyWALL.
| 427 |
ZyWALL 110/310/1100 Series User’s Guide | |
|
|