beautypg.com

1 advantages of certificates, 2 self-signed certificates, 3 verifying a certificate – ZyXEL Communications 802.11g HomePlug AV ADSL2+ Gateway P-660HWP-Dx User Manual

Page 196: Figure 112 certificates on your computer

background image

Chapter 13 Certificates

P-660HWP-Dx User’s Guide

36

Certification authorities maintain directory servers with databases of valid and revoked
certificates. A directory of certificates that have been revoked before the scheduled expiration
is called a CRL (Certificate Revocation List). The P-660HWP-Dx can check a peer’s
certificate against a directory server’s list of revoked certificates. The framework of servers,
software, procedures and policies that handles keys is called PKI (public-key infrastructure).

13.1.1 Advantages of Certificates

Certificates offer the following benefits.

• The P-660HWP-Dx only has to store the certificates of the certification authorities that

you decide to trust, no matter how many devices you need to authenticate.

• Key distribution is simple and very secure since you can freely distribute public keys and

you never need to transmit private keys.

13.2 Self-signed Certificates

You can have the P-660HWP-Dx act as a certification authority and sign its own certificates.

13.3 Verifying a Certificate

Before you import a trusted CA or trusted remote host certificate into the P-660HWP-Dx, you
should verify that you have the actual certificate. This is especially true of trusted CA
certificates since the P-660HWP-Dx also trusts any valid certificate signed by any of the
imported trusted CA certificates.

13.3.1 Checking the Fingerprint of a Certificate on Your Computer

A certificate’s fingerprints are message digests calculated using the MD5 or SHA1 algorithms.
The following procedure describes how to check a certificate’s fingerprint to verify that you
have the actual certificate.

1 Browse to where you have the certificate saved on your computer.
2 Make sure that the certificate has a “.cer” or “.crt” file name extension.

Figure 112 Certificates on Your Computer

3 Double-click the certificate’s icon to open the Certificate window. Click the Details tab

and scroll down to the Thumbprint Algorithm and Thumbprint fields.

See also other documents in the category ZyXEL Communications Hardware: