|
| Chapter 18 Certificates |
| Table 72 Certificates > Trusted CAs Details (continued) | |
| LABEL | DESCRIPTION |
| Key Usage | This field displays for what functions the certificate’s key can be used. |
|
| For example, “DigitalSignature” means that the key can be used to |
|
| sign certificates and “KeyEncipherment” means that the key can be |
|
| used to encrypt text. |
|
|
|
| Basic Constraint | This field displays general information about the certificate. For |
|
| example, Subject Type=CA means that this is a certification |
|
| authority’s certificate and “Path Length Constraint=1” means that |
|
| there can only be one certification authority in the certificate’s path. |
|
|
|
| CRL Distribution | This field displays how many directory servers with Lists of revoked |
| Points | certificates the issuing certification authority of this certificate makes |
|
| available. This field also displays the domain names or IP addresses of |
|
| the servers. |
|
|
|
| MD5 Fingerprint | This is the certificate’s message digest that the NWA calculated using |
|
| the MD5 algorithm. You cannot use this value to verify that this is the |
|
| remote host’s actual certificate because the NWA has signed the |
|
| certificate; thus causing this value to be different from that of the |
|
| remote host’s actual certificate. See Section 18.3 on page 208 for |
|
| how to verify a remote host’s certificate before you import it into the |
|
| NWA. |
|
|
|
| SHA1 Fingerprint | This is the certificate’s message digest that the NWA calculated using |
|
| the SHA1 algorithm. You cannot use this value to verify that this is the |
|
| remote host’s actual certificate because the NWA has signed the |
|
| certificate; thus causing this value to be different from that of the |
|
| remote host’s actual certificate. See Section 18.3 on page 208 for |
|
| how to verify a remote host’s certificate before you import it into the |
|
| NWA. |
|
|
|
| Certificate in PEM | This |
| in Privacy Enhanced Mail (PEM) format. PEM uses 64 ASCII characters | |
| Encoded Format | to convert the binary certificate into a printable form. |
|
| You can copy and paste the certificate into an |
|
| friends or colleagues or you can copy and paste the certificate into a |
|
| text editor and save the file on a management computer for later |
|
| distribution (via floppy disk for example). |
|
|
|
| Export | Click this button and then Save in the File Download screen. The |
|
| Save As screen opens, browse to the location that you want to use |
|
| and click Save. |
|
|
|
| Apply | Click Apply to save your changes. You can only change the name |
|
| and/or set whether or not you want the NWA to check the CRL that |
|
| the certification authority issues before trusting a certificate issued by |
|
| the certification authority. |
|
|
|
| Cancel | Click Cancel to quit and return to the Trusted CAs screen. |
|
|
|
18.6 Technical Reference
This section provides technical background information about the topics covered in this chapter.
| 223 |
|
|