ZyXEL Communications P-2612HW-F1 User Manual page 316

Chapter 15 Certificates
Table 98 Security > Certificates > Trusted Remote Hosts > Details (continued)
LABEL
Certificate Path
Type
Version
Serial Number
Subject
Issuer
Signature
Algorithm
Valid From
Valid To
Key Algorithm
Subject Alternative
Name
Key Usage
Basic Constraint
MD5 Fingerprint
316
DESCRIPTION
These read-only fields display detailed information about the
certificate.
This field displays general information about the certificate. With
trusted remote host certificates, this field always displays CA-signed.
The ZyXEL Device is the Certification Authority that signed the
certificate. X.509 means that this certificate was created and signed
according to the ITU-T X.509 recommendation that defines the
formats for public-key certificates.
This field displays the X.509 version number.
This field displays the certificate's identification number given by the
device that created the certificate.
This field displays information that identifies the owner of the
certificate, such as Common Name (CN), Organizational Unit (OU),
Organization (O) and Country (C).
This field displays identifying information about the default self-
signed certificate on the ZyXEL Device that the ZyXEL Device uses to
sign the trusted remote host certificates.
This field displays the type of algorithm that the ZyXEL Device used
to sign the certificate, which is rsa-pkcs1-sha1 (RSA public-private
key encryption algorithm and the SHA1 hash algorithm).
This field displays the date that the certificate becomes applicable.
The text displays in red and includes a Not Yet Valid! message if the
certificate has not yet become applicable.
This field displays the date that the certificate expires. The text
displays in red and includes an Expiring! or Expired! message if the
certificate is about to expire or has already expired.
This field displays the type of algorithm that was used to generate
the certificate's key pair (the ZyXEL Device uses RSA encryption)
and the length of the key set in bits (1024 bits for example).
This field displays the certificate's owner's IP address (IP), domain
name (DNS) or e-mail address (EMAIL).
This field displays for what functions the certificate's key can be
used. For example, "DigitalSignature" means that the key can be
used to sign certificates and "KeyEncipherment" means that the key
can be used to encrypt text.
This field displays general information about the certificate. For
example, Subject Type=CA means that this is a certification
authority's certificate and
there can only be one certification authority in the certificate's path.
This is the certificate's message digest that the ZyXEL Device
calculated using the MD5 algorithm. You cannot use this value to
verify that this is the remote host's actual certificate because the
ZyXEL Device has signed the certificate; thus causing this value to
be different from that of the remote hosts actual certificate. See
Section 15.1.3 on page 295
certificate.
"Path Length Constraint=1" means that
for how to verify a remote host's
P-2612HW-F1 User's Guide