Chapter 40 Certificates
Table 189 Object > Certificate > Trusted Certificates > Edit (continued)
LABEL | DESCRIPTION |
Valid From | This field displays the date that the certificate becomes applicable. The text |
| displays in red and includes a Not Yet Valid! message if the certificate has not |
| yet become applicable. |
|
|
Valid To | This field displays the date that the certificate expires. The text displays in red |
| and includes an Expiring! or Expired! message if the certificate is about to expire |
| or has already expired. |
|
|
Key Algorithm | This field displays the type of algorithm that was used to generate the |
| certificate’s key pair (the ZyWALL uses RSA encryption) and the length of the |
| key set in bits (1024 bits for example). |
|
|
Subject Alternative | This field displays the certificate’s owner‘s IP address (IP), domain name (DNS) |
Name | or |
|
|
Key Usage | This field displays for what functions the certificate’s key can be used. For |
| example, “DigitalSignature” means that the key can be used to sign certificates |
| and “KeyEncipherment” means that the key can be used to encrypt text. |
|
|
Basic Constraint | This field displays general information about the certificate. For example, |
| Subject Type=CA means that this is a certification authority’s certificate and |
| “Path Length Constraint=1” means that there can only be one certification |
| authority in the certificate’s path. |
|
|
MD5 Fingerprint | This is the certificate’s message digest that the ZyWALL calculated using the |
| MD5 algorithm. You can use this value to verify with the certification authority |
| (over the phone for example) that this is actually their certificate. |
|
|
SHA1 Fingerprint | This is the certificate’s message digest that the ZyWALL calculated using the |
| SHA1 algorithm. You can use this value to verify with the certification authority |
| (over the phone for example) that this is actually their certificate. |
|
|
Certificate in PEM | This |
Enhanced Mail (PEM) format. PEM uses 64 ASCII characters to convert the | |
Format | binary certificate into a printable form. |
| You can copy and paste the certificate into an |
| colleagues or you can copy and paste the certificate into a text editor and save |
| the file on a management computer for later distribution (via floppy disk for |
| example). |
|
|
Export Certificate | Click this button and then Save in the File Download screen. The Save As |
| screen opens, browse to the location that you want to use and click Save. |
|
|
OK | Click OK to save your changes back to the ZyWALL. You can only change the |
| name. |
|
|
Cancel | Click Cancel to quit and return to the Trusted Certificates screen. |
|
|
40.9 Trusted Certificates Import Screen
Click Object > Certificate > Trusted Certificates > Import to open the Trusted Certificates Import screen. Follow the instructions in this screen to save a trusted certificate to the ZyWALL.
"You must remove any spaces from the certificate’s filename before you can import the certificate.
560 |
| |
ZyWALL USG 1000 User’s Guide |
| |
|
|
|