beautypg.com

16 directory servers – ZyXEL Communications NBG410W3G User Manual

Page 220

background image

Chapter 11 Certificates

NBG410W3G Series User’s Guide

220

11.16 Directory Servers

Click SECURITY > CERTIFICATES > Directory Servers to open the Directory Servers
screen. This screen displays a summary list of directory servers (that contain lists of valid and
revoked certificates) that have been saved into the ZyXEL Device. If you decide to have the
ZyXEL Device check incoming certificates against the issuing certification authority’s list of
revoked certificates, the ZyXEL Device first checks the server(s) listed in the CRL
Distribution Points field of the incoming certificate. If the certificate does not list a server or
the listed server is not available, the ZyXEL Device checks the servers listed here.

Figure 134 SECURITY > CERTIFICATES > Directory Servers

MD5 Fingerprint

This is the certificate’s message digest that the ZyXEL Device calculated using

the MD5 algorithm. The ZyXEL Device uses one of its own self-signed

certificates to sign the imported trusted remote host certificates. This changes

the fingerprint value displayed here (so it does not match the original). See

Section 11.3 on page 196

for how to verify a remote host’s certificate before

you import it into the ZyXEL Device.

SHA1 Fingerprint

This is the certificate’s message digest that the ZyXEL Device calculated using

the SHA1 algorithm. The ZyXEL Device uses one of its own self-signed

certificates to sign the imported trusted remote host certificates. This changes

the fingerprint value displayed here (so it does not match the original). See

Section 11.3 on page 196

for how to verify a remote host’s certificate before

you import it into the ZyXEL Device.

Certificate in PEM

(Base-64) Encoded

Format

This read-only text box displays the certificate or certification request in Privacy

Enhanced Mail (PEM) format. PEM uses 64 ASCII characters to convert the

binary certificate into a printable form.
You can copy and paste the certificate into an e-mail to send to friends or

colleagues or you can copy and paste the certificate into a text editor and save

the file on a management computer for later distribution (via floppy disk for

example).

Apply

Click Apply to save your changes back to the ZyXEL Device. You can only

change the name of the certificate.

Cancel

Click Cancel to quit configuring this screen and return to the Trusted Remote

Hosts screen.

Table 62 SECURITY > CERTIFICATES > Trusted Remote Hosts > Details (continued)

LABEL

DESCRIPTION

See also other documents in the category ZyXEL Communications Hardware: