14.1 Overview
This chapter describes how your P-79X can use certificates as a means of authenticating clients. It
gives background information about public-key certificates and explains how to use them.
A certificate contains the certificate owner's identity and public key. Certificates provide a way to
exchange public keys for use in authentication.
Figure 88 Certificates Example
In the figure above, the P-79X (Z) checks the identity of the notebook (A) using a certificate before
granting it access to the network.
14.1.1 What You Need to Know About Certificates
Certification Authority
A Certification Authority (CA) issues certificates and guarantees the identity of each certificate
owner. There are commercial certification authorities like CyberTrust or VeriSign and government
certification authorities. You can use the P-79X to generate certification requests that contain
identifying information and public keys and then send the certification requests to a certification
authority.
Certificate File Formats
The certification authority certificate that you want to import has to be in one of these file formats:
• Binary X.509: This is an ITU-T recommendation that defines the formats for X.509 certificates.
• PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses lowercase letters,
uppercase letters and numerals to convert a binary X.509 certificate into a printable form.
C
HAPTER
P-79X Series User's Guide
150
1 4
Certificates