Chapter 32 Certificates; Overview; What You Can Do In This Chapter; What You Need To Know - ZyXEL Communications NXC5200 User Manual

C
H A P T E R

32.1 Overview

The NXC can use certificates (also called digital IDs) to authenticate users.
Certificates are based on public-private key pairs. A certificate contains the
certificate owner's identity and public key. Certificates provide a way to exchange
public keys for use in authentication.

32.1.1 What You Can Do in this Chapter

• The My Certificate screens
self-signed certificates or certification requests and import the NXC's CA-signed
certificates.
• The Trusted Certificates screens
certificates and trusted remote host certificates to the NXC. The NXC trusts any
valid certificate that you have imported as a trusted certificate. It also trusts any
valid certificate signed by any of the certificates that you have imported as a
trusted certificate.

32.1.2 What You Need to Know

The following terms and concepts may help as you read this chapter.
When using public-key cryptology for authentication, each host has two keys. One
key is public and can be made openly available. The other key is private and must
be kept secure.
These keys work like a handwritten signature (in fact, certificates are often
referred to as "digital signatures"). Only you can write your signature exactly as it
should look. When people know what your signature looks like, they can verify
whether something was signed by you, or by someone else. In the same way, your
private key "writes" your digital signature and your public key allows people to
verify whether data was signed by you, or by someone else.
NXC5200 User's Guide
Certificates
(Section 32.2 on page 445) generate and export
(Section 32.3 on page
32
455) save CA
441