beautypg.com

8 my certificate import, 1 certificate file formats – ZyXEL Communications ZyWALL 2 Plus User Manual

Page 303

background image

Chapter 15 Certificates

ZyWALL 2 Plus User’s Guide

303

The following table describes the labels in this screen.

15.8 My Certificate Import

Click SECURITY > CERTIFICATES > My Certificates and then Import to open the My
Certificate Import screen. Follow the instructions in this screen to save an existing certificate
from a computer to the ZyWALL.

• You can only import a certificate that matches a corresponding certification request that

was generated by the ZyWALL (the certification request contains the private key). The
certificate you import replaces the corresponding request in the My Certificates screen.
One exception is that you can import a PKCS#12 format certificate without a
corresponding certification request since the certificate includes the private key.

• You must remove any spaces from the certificate’s filename before you can import it.

15.8.1 Certificate File Formats

The certification authority certificate that you want to import has to be in one of these file
formats:

• Binary X.509: This is an ITU-T recommendation that defines the formats for X.509

certificates.

• PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses 64 ASCII

characters to convert a binary X.509 certificate into a printable form.

• Binary PKCS#7: This is a standard that defines the general syntax for data (including

digital signatures) that may be encrypted. The ZyWALL currently allows the importation
of a PKS#7 file that contains a single certificate.

• PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format uses 64

ASCII characters to convert a binary PKCS#7 certificate into a printable form.

Table 79 SECURITY > CERTIFICATES > My Certificates > Export

LABEL

DESCRIPTION

Export the certificate in

binary X.509 format.

Binary X.509 is an ITU-T recommendation that defines the formats for X.509

certificates.

Export the certificate

along with the

corresponding private

key in PKCS#12 format.

PKCS#12 is a format for transferring public key and private key certificates.

You can also password-encrypt the private key in the PKCS #12 file. The

file’s password is not connected to your certificate’s public or private

passwords.

Password

Type the file’s password to use for encrypting the private key. The password

is optional, although you must specify one if you want to be able to import the

PKCS#12 format certificate into Netscape version 7.2.

Retype to confirm

Type the password to make sure that you have entered it correctly.

Apply

Click Apply and then Save in the File Download screen. The Save As

screen opens, browse to the location that you want to use and click Save.

Cancel

Click Cancel to quit and return to the My Certificates screen.

See also other documents in the category ZyXEL Communications Hardware: