|
| ZyWALL 5/35/70 Series User’s Guide |
| Table 116 Trusted CA Details (continued) | |
|
|
|
| LABEL | DESCRIPTION |
|
|
|
| Certification Path | Click the Refresh button to have this |
|
| certificate and a list of certification authority certificates that shows the hierarchy |
|
| of certification authorities that validate the end entity’s certificate. If the issuing |
|
| certification authority is one that you have imported as a trusted certification |
|
| authority, it may be the only certification authority in the list (along with the end |
|
| entity’s own certificate). The ZyWALL does not trust the end entity’s certificate |
|
| and displays “Not trusted” in this field if any certificate on the path has expired or |
|
| been revoked. |
| Refresh | Click Refresh to display the certification path. |
|
|
|
| Certificate | These |
| Information |
|
| Type | This field displays general information about the certificate. |
|
| that a Certification Authority signed the certificate. |
|
| certificate’s owner signed the certificate (not a certification authority). X.509 |
|
| means that this certificate was created and signed according to the |
|
| recommendation that defines the formats for |
| Version | This field displays the X.509 version number. |
|
|
|
| Serial Number | This field displays the certificate’s identification number given by the certification |
|
| authority. |
| Subject | This field displays information that identifies the owner of the certificate, such as |
|
| Common Name (CN), Organizational Unit (OU), Organization (O) and Country |
|
| (C). |
| Issuer | This field displays identifying information about the certificate’s issuing |
|
| certification authority, such as Common Name, Organizational Unit, |
|
| Organization and Country. |
|
| With |
|
| Name field. |
| Signature Algorithm | This field displays the type of algorithm that was used to sign the certificate. |
|
| Some certification authorities use |
|
| encryption algorithm and the SHA1 hash algorithm). Other certification |
|
| authorities may use |
|
| and the MD5 hash algorithm). |
| Valid From | This field displays the date that the certificate becomes applicable. The text |
|
| displays in red and includes a Not Yet Valid! message if the certificate has not |
|
| yet become applicable. |
| Valid To | This field displays the date that the certificate expires. The text displays in red |
|
| and includes an Expiring! or Expired! message if the certificate is about to expire |
|
| or has already expired. |
| Key Algorithm | This field displays the type of algorithm that was used to generate the |
|
| certificate’s key pair (the ZyWALL uses RSA encryption) and the length of the |
|
| key set in bits (1024 bits for example). |
| Subject Alternative | This field displays the certificate’s owner‘s IP address (IP), domain name (DNS) |
| Name | or |
| Key Usage | This field displays for what functions the certificate’s key can be used. For |
|
| example, “DigitalSignature” means that the key can be used to sign certificates |
|
| and “KeyEncipherment” means that the key can be used to encrypt text. |
| Basic Constraint | This field displays general information about the certificate. For example, |
|
| Subject Type=CA means that this is a certification authority’s certificate and |
|
| “Path Length Constraint=1” means that there can only be one certification |
|
| authority in the certificate’s path. |
Chapter 20 Certificates | 354 |