ZyXEL Communications ZyWall Reference Manual page 261
Hide thumbs
Also See for ZyWall:
- Support note (44 pages) ,
- Troubleshooting manual (26 pages) ,
- Quick start manual (2 pages)
Table of Contents
Advertisement
Table 156 ca Commands Summary (continued)
COMMAND
ca validation remote_certificate
cdp {activate|deactivate}
ldap {activate|deactivate}
ldap ip {ip|fqdn} port <1..65535> [id name
password password] [deactivate]
ocsp {activate|deactivate}
ocsp url url [id name password password]
[deactivate]
no ca category {local|remote} certificate_name
no ca validation name
ZyWALL (ZLD) CLI Reference Guide
DESCRIPTION
Enters the sub command mode for validation of
certificates signed by the specified remote (trusted)
certificates.
Turns certificate revocation on or off. When it is turned on,
the ZyWALL validates a certificate by getting a Certificate
Revocation List (CRL) through HTTP or LDAP (can be
configured after activating the LDAP checking option) and
online responder (can be configured after activating the
OCSP checking option). You also need to configure the
OSCP or LDAP server details.
Has the ZyWALL check (or not check) incoming
certificates that are signed by this certificate against a
Certificate Revocation List (CRL) on a LDAP (Lightweight
Directory Access Protocol) directory server.
Sets the validation configuration for the specified remote
(trusted) certificate where the directory server uses LDAP.
ip: Type the IP address (in dotted decimal notation) or
the domain name of the directory server. The domain
name can use alphanumeric characters, periods and
hyphens. Up to 255 characters.
port: Specify the LDAP server port number. You must use
the same server port number that the directory server
uses. 389 is the default server port number for LDAP.
The ZyWALL may need to authenticate itself in order to
access the CRL directory server. Type the login name (up
to 31 characters) from the entity maintaining the server
(usually a certification authority). You can use
alphanumeric characters, the underscore and the dash.
Type the password (up to 31 characters) from the entity
maintaining the CRL directory server (usually a
certification authority). You can use the following
characters: a-zA-Z0-9;|`~!@#$%^&*()_+\{}':,./<>=-
Has the ZyWALL check (or not check) incoming
certificates that are signed by this certificate against a
directory server that uses OCSP (Online Certificate Status
Protocol).
Sets the validation configuration for the specified remote
(trusted) certificate where the directory server uses OCSP.
url: Type the protocol, IP address and pathname of the
OCSP server.
name: The ZyWALL may need to authenticate itself in
order to access the OCSP server. Type the login name (up
to 31 characters) from the entity maintaining the server
(usually a certification authority). You can use
alphanumeric characters, the underscore and the dash.
password: Type the password (up to 31 characters) from
the entity maintaining the OCSP server (usually a
certification authority). You can use the following
characters: a-zA-Z0-9;|`~!@#$%^&*()_+\{}':,./<>=-
Deletes the specified local (my certificates) or remote
(trusted certificates) certificate.
Removes the validation configuration for the specified
remote (trusted) certificate.
Chapter 32 Certificates
261
- Quick Links:
- Command Line Interface
Hide quick links:
Advertisement
Table of Contents
Related Manuals for ZyXEL Communications ZyWall
Related Products for ZyXEL Communications ZyWall
- ZyXEL Communications Internet Security Appliance ZyWALL5UTM 4.0
- ZyXEL Communications ZyWALL USG Series
- ZyXEL Communications ZYWALL - CLI
- ZyXEL Communications ZYWALL OTPV2 - SUPPORT NOTE V1
- ZyXEL Communications ZYWALL2 ET 2WE
- ZyXEL Communications ZyWALL USG 50
- ZyXEL Communications ZYWALL 10W - GUIDE D'INSTALLATION
- ZyXEL Communications ZYWALL TURBO CARD