Verifying A Trusted Remote Host's Certificate; Trusted Remote Host Certificate Fingerprints; Figure 169 Remote Host Certificates - ZyXEL Communications Internet Security Appliance ZyWALL5UTM 4.0 User Manual

ZyWALL 5/35/70 Series User's Guide
Table 117 Trusted Remote Hosts (continued)
LABEL
Import
Refresh

20.12 Verifying a Trusted Remote Host's Certificate

Certificates issued by certification authorities have the certification authority's signature for
you to check. Self-signed certificates only have the signature of the host itself. This means that
you must be very careful when deciding to import (and thereby trust) a remote host's self-
signed certificate.

20.12.1 Trusted Remote Host Certificate Fingerprints

A certificate's fingerprints are message digests calculated using the MD5 or SHA1 algorithms.
The following procedure describes how to use a certificate's fingerprint to verify that you have
the remote host's actual certificate.
1 Browse to where you have the remote host's certificate saved on your computer.
2 Make sure that the certificate has a ".cer" or ".crt" file name extension.

Figure 169 Remote Host Certificates

3 Double-click the certificate's icon to open the Certificate window. Click the Details tab
and scroll down to the Thumbprint Algorithm and Thumbprint fields.
357
DESCRIPTION
Click Import to open a screen where you can save the certificate of a remote host
(which you trust) from your computer to the ZyWALL.
Click this button to display the current validity status of the certificates.
Chapter 20 Certificates