13 verifying a trusted remote host’s certificate, 1 trusted remote host certificate fingerprints, Figure 127 remote host certificates – ZyXEL Communications ZyXEL ZyWALL 5 User Manual

ZyWALL 5 User’s Guide

Chapter 15 Certificates

271

15.13 Verifying a Trusted Remote Host’s Certificate

Certificates issued by certification authorities have the certification authority’s signature for
you to check. Self-signed certificates only have the signature of the host itself. This means that
you must be very careful when deciding to import (and thereby trust) a remote host’s self-
signed certificate.

15.13.1 Trusted Remote Host Certificate Fingerprints

A certificate’s fingerprints are message digests calculated using the MD5 or SHA1 algorithms.
The following procedure describes how to use a certificate’s fingerprint to verify that you have
the remote host’s actual certificate.

1 Browse to where you have the remote host’s certificate saved on your computer.

2 Make sure that the certificate has a “.cer” or “.crt” file name extension.

Figure 127 Remote Host Certificates

3 Double-click the certificate’s icon to open the Certificate window. Click the Details tab

and scroll down to the Thumbprint Algorithm and Thumbprint fields.

Import

Click Import to open a screen where you can save the certificate of a remote host

(which you trust) from your computer to the ZyWALL.

Refresh

Click this button to display the current validity status of the certificates.

Table 84 Trusted Remote Hosts (continued)

LABEL

DESCRIPTION