ZyWALL 2 Series User’s Guide
| Table |
LABEL | DESCRIPTION |
|
|
Key Algorithm | This field displays the type of algorithm that was used to generate the certificate’s |
| key pair (the ZyWALL uses RSA encryption) and the length of the key set in bits |
| (1024 bits for example). |
|
|
Subject Alternative | This field displays the certificate’s owner‘s IP address (IP), domain name (DNS) or |
Name | |
|
|
Key Usage | This field displays for what functions the certificate’s key can be used. For |
| example, “DigitalSignature” means that the key can be used to sign certificates |
| and “KeyEncipherment” means that the key can be used to encrypt text. |
|
|
Basic Constraint | This field displays general information about the certificate. For example, “Subject |
| Type=CA” means that this is a certification authority’s certificate and “Path |
| Length Constraint=1” means that there can only be one certification authority in |
| the certificate’s path. |
|
|
MD5 Fingerprint | This is the certificate’s message digest that the ZyWALL calculated using the MD5 |
| algorithm. You cannot use this value to verify that this is the remote host’s actual |
| certificate because the ZyWALL has signed the certificate; thus causing this value |
| to be different from that of the remote hosts actual certificate. See section 15.13.1 |
| for how to verify a remote host’s certificate. |
SHA1 Fingerprint | This is the certificate’s message digest that the ZyWALL calculated using the |
| SHA1 algorithm. You cannot use this value to verify that this is the remote host’s |
| actual certificate because the ZyWALL has signed the certificate; thus causing this |
| value to be different from that of the remote hosts actual certificate. See section |
| 15.13.1 for how to verify a remote host’s certificate. |
|
|
Certificate in PEM | This |
Enhanced Mail (PEM) format. PEM uses 64 ASCII characters to convert the binary | |
Format | certificate into a printable form. |
| You can copy and paste the certificate into an |
| colleagues or you can copy and paste the certificate into a text editor and save the |
| file on a management computer for later distribution (via floppy disk for example). |
|
|
Export | Click this button and then Save in the File Download screen. The Save As screen |
| opens, browse to the location that you want to use and click Save. |
Apply | Click Apply to save your changes back to the ZyWALL. You can only change the |
| name of the certificate. |
Cancel | Click Cancel to quit configuring this screen and return to the Trusted Remote |
| Hosts screen. |
Certificates |