1 about the certificate not trusted log, Figure 187 myzyxel.com: download center – ZyXEL Communications NBG410W3G User Manual

Chapter 19 Logs Screens

NBG410W3G Series User’s Guide

303

19.2.1 About the Certificate Not Trusted Log

myZyXEL.com and the update server use certificates signed by VeriSign to identify
themselves. If the ZyXEL Device does not have a CA certificate signed by VeriSign as a
trusted CA, the ZyXEL Device will not trust the certificate from myZyXEL.com and the
update server. The ZyXEL Device will generate a log like "Due to error code(11), cert not
trusted: SSL/TLS peer certif..." for every time it attempt to establish a (HTTPS) connection
with myZyXEL.com and the update server. The V4.00 default configuration file includes a
trusted CA certificate signed by VeriSign. If you upgraded to ZyNOS V4.00 firmware without
uploading the V4.00 default configuration file, you can download a CA certificate signed by
VeriSign from myZyXEL.com and import it into the ZyXEL Device as a trusted CA. This will
stop the ZyXEL Device from generating this log every time it attempts to connect with
myzyxel.com and the update server.
Follow the steps below to download the certificate from myZyXEL.com.

1 Go to http://www.myZyXEL.com and log in with your account.
2 Click Download Center and then Certificate Download.

Figure 187 myZyXEL.com: Download Center

3 Click the link in the Certificate Download screen.

notes

The ZyXEL Device blocked the packet.

message

The ZyXEL Device blocked the packet in accordance with the firewall’s default policy of

blocking sessions that are initiated from the WAN. “UDP” means that this was a User

Datagram Protocol packet. “W to W/ZW” indicates that the packet was traveling from the

WAN to the WAN or the ZyXEL Device.

Table 89 Log Description Example

LABEL

DESCRIPTION