ZyXEL Communications ZyWall USG20-VPN User Manual page 520
Usg series
Hide thumbs
Also See for ZyWall USG20-VPN:
- User manual (994 pages) ,
- Handbook (810 pages) ,
- Reference manual (665 pages)
Table of Contents
Advertisement
Table 219 Configuration > Object > Certificate > My Certificates > Add (continued)
LABEL
DESCRIPTION
Organization
Identify the company or group to which the certificate owner belongs. You can use up
to 31 characters. You can use alphanumeric characters, the hyphen and the
underscore.
Town (City)
Identify the town or city where the certificate owner is located. You can use up to 31
characters. You can use alphanumeric characters, the hyphen and the underscore.
State, (Province)
Identify the state or province where the certificate owner is located. You can use up to
31 characters. You can use alphanumeric characters, the hyphen and the underscore.
Country
Identify the nation where the certificate owner is located. You can use up to 31
characters. You can use alphanumeric characters, the hyphen and the underscore.
Key Type
Select RSA to use the Rivest, Shamir and Adleman public-key algorithm.
Select DSA to use the Digital Signature Algorithm public-key algorithm.
Key Length
Select a number from the drop-down list box to determine how many bits the key
should use (512 to 2048). The longer the key, the more secure it is. A longer key also
uses more PKI storage space.
Extended Key Usage
Server Authentication Select this to have USG generate and store a request for server authentication
certificate.
Client Authentication
Select this to have USG generate and store a request for client authentication
certificate.
IKE Intermediate
Select this to have USG generate and store a request for IKE Intermediate
authentication certificate.
Create a self-signed
Select this to have the USG generate the certificate and act as the Certification
certificate
Authority (CA) itself. This way you do not need to apply to a certification authority for
certificates.
Create a certification
Select this to have the USG generate and store a request for a certificate. Use the My
request and save it
Certificate Details screen to view the certification request and copy it to send to the
locally for later
certification authority.
manual enrollment
Copy the certification request from the My Certificate Details screen (see
29.10.3.2 on page
Create a certification
Select this to have the USG generate a request for a certificate and apply to a
request and enroll for
certification authority for a certificate.
a certificate
You must have the certification authority's certificate already imported in the Trusted
immediately online
Certificates screen.
When you select this option, you must select the certification authority's enrollment
protocol and the certification authority's certificate from the drop-down list boxes and
enter the certification authority's server address. You also need to fill in the
Reference Number and Key if the certification authority requires them.
OK
Click OK to begin certificate or certification request generation.
Cancel
Click Cancel to quit and return to the My Certificates screen.
If you configured the My Certificate Create screen to have the USG enroll a certificate and the
certificate enrollment is not successful, you see a screen with a Return button that takes you back
to the My Certificate Create screen. Click Return and check your information in the My
Certificate Create screen. Make sure that the certification authority information is correct and that
your Internet connection is working properly if you want the USG to enroll a certificate online.
Chapter 29 Object
521) and then send it to the certification authority.
USG20(W)-VPN Series User's Guide
520
Section
- Quick Links:
- Web Configurator
- Installation Setup Wizard
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
