Chapter 14 Certificates
The following table describes the labels in this screen.
Table 61 Trusted CAs
LABEL | DESCRIPTION |
PKI Storage | This bar displays the percentage of the ZyXEL Device’s PKI storage space that is |
Space in Use | currently in use. When you are using 80% or less of the storage space, the bar is |
| green. When the amount of space used is over 80%, the bar is red. When the bar |
| is red, you should consider deleting expired or unnecessary certificates before |
| adding more certificates. |
|
|
# | This field displays the certificate index number. The certificates are listed in |
| alphabetical order. |
|
|
Name | This field displays the name used to identify this certificate. |
|
|
Subject | This field displays identifying information about the certificate’s owner, such as CN |
| (Common Name), OU (Organizational Unit or department), O (Organization or |
| company) and C (Country). It is recommended that each certificate have unique |
| subject information. |
|
|
Issuer | This field displays identifying information about the certificate’s issuing certification |
| authority, such as a common name, organizational unit or department, |
| organization or company and country. With |
| same information as in the Subject field. |
|
|
Valid From | This field displays the date that the certificate becomes applicable. The text |
| displays in red and includes a Not Yet Valid! message if the certificate has not yet |
| become applicable. |
|
|
Valid To | This field displays the date that the certificate expires. The text displays in red and |
| includes an Expiring! or Expired! message if the certificate is about to expire or |
| has already expired. |
|
|
CRL Issuer | This field displays Yes if the certification authority issues Certificate Revocation |
| Lists for the certificates that it has issued and you have selected the Issues |
| certificate revocation lists (CRL) check box in the certificate’s details screen to |
| have the ZyXEL Device check the CRL before trusting any certificates issued by |
| the certification authority. Otherwise the field displays “No”. |
|
|
Details | Click Details to view |
| certificate, change the certificate’s name and set whether or not you want the |
| ZyXEL Device to check a certification authority’s list of revoked certificates before |
| trusting a certificate issued by the certification authority. |
|
|
Import | Click Import to open a screen where you can save the certificate of a certification |
| authority that you trust, from your computer to the ZyXEL Device. |
|
|
Delete | Click Delete to delete an existing certificate. A window display asking you to |
| confirm that you want to delete the certificate. Note that subsequent certificates |
| move up by one when you take this action. |
|
|
Refresh | Click this button to display the current validity status of the certificates. |
|
|
14.11 Importing a Trusted CA’s Certificate
Click CERTIFICATES >Trusted CAs to open the Trusted CAs screen and then click Import to open the Trusted CA Import screen. Follow the instructions in this screen to save a trusted certification authority’s certificate to the ZyXEL Device, see the following figure.
| 169 |
ZyXEL | |
|
|