Certificate File Formats - ZyXEL Communications ZyWall 35 User Manual

ZyWALL 35 User's Guide
Table 83 My Certificates (continued)
LABEL
Type
Subject
Issuer
Valid From
Valid To
Modify
Import
Create
Refresh

15.5 Certificate File Formats

The certification authority certificate that you want to import has to be in one of these file
formats:
268
DESCRIPTION
This field displays what kind of certificate this is.
REQ represents a certification request and is not yet a valid certificate. Send a
certification request to a certification authority, which then issues a certificate. Use
the My Certificate Import screen to import the certificate and replace the request.
SELF represents a self-signed certificate.
*SELF represents the default self-signed certificate, which the ZyWALL uses to
sign imported trusted remote host certificates.
CERT represents a certificate issued by a certification authority.
This field displays identifying information about the certificate's owner, such as CN
(Common Name), OU (Organizational Unit or department), O (Organization or
company) and C (Country). It is recommended that each certificate have unique
subject information.
This field displays identifying information about the certificate's issuing certification
authority, such as a common name, organizational unit or department,
organization or company and country. With self-signed certificates, this is the same
information as in the Subject field.
This field displays the date that the certificate becomes applicable. The text
displays in red and includes a Not Yet Valid! message if the certificate has not yet
become applicable.
This field displays the date that the certificate expires. The text displays in red and
includes an Expiring! or Expired! message if the certificate is about to expire or has
already expired.
Click the details icon to open a screen with an in-depth list of information about the
certificate.
Click the delete icon to remove the certificate. A window displays asking you to
confirm that you want to delete the certificate.
You cannot delete a certificate that one or more features is configured to use.
Do the following to delete a certificate that shows *SELF in the Type field.
1. Make sure that no other features, such as HTTPS, VPN, SSH are configured to
use the *SELF certificate.
2. Click the details icon next to another self-signed certificate (see the description
on the Create button if you need to create a self-signed certificate).
3. Select the Default self-signed certificate which signs the imported remote
host certificates check box.
4. Click Apply to save the changes and return to the My Certificates screen.
5. The certificate that originally showed *SELF displays SELF and you can delete
it now.
Note that subsequent certificates move up by one when you take this action
Click Import to open a screen where you can save the certificate that you have
enrolled from a certification authority from your computer to the ZyWALL.
Click Create to go to the screen where you can have the ZyWALL generate a
certificate or a certification request.
Click Refresh to display the current validity status of the certificates.
Chapter 15 Certificates