Nortel BSR252 Configuration - Basics page 293

Table 73 Trusted remote host details
Label Description
Valid To This field displays the date that the certificate expires. The text
displays in red and includes an Expiring! or Expired! message if the
certificate is about to expire or has already expired.
Key Algorithm This field displays the type of algorithm that was used to generate
the certificate key pair (the Business Secure Router uses RSA
encryption) and the length of the key set in bits (1 024-bits, for
example).
Subject Alternative This (optional) field displays the certificate owner's IP address (IP),
Name domain name (DNS), or e-mail address (EMAIL).
Key Usage This field displays for what functions the certificate key can be used.
For example, DigitalSignature means that the key can be used to
sign certificates and KeyEncipherment means that the key can be
used to encrypt text.
Basic Constraint This field displays general information about the certificate. For
example, Subject Type=CA means that this is a certification authority
certificate and Path Length Constraint=1 means that there can only
be one certification authority in the certification path of the certificate.
MD5 Fingerprint This is the message digest of the certificate that the Business Secure
Router calculated using the MD5 algorithm. You cannot use this
value to verify that this is the remote host's actual certificate because
the Business Secure Router has signed the certificate; thus causing
this value to be different from that of the remote host's actual
certificate. See
page 287
SHA1 Fingerprint This is the message digest of the certificate that the Business Secure
Router calculated using the SHA1 algorithm. You cannot use this
value to verify that this is the remote host's actual certificate because
the Business Secure Router has signed the certificate; thus causing
this value to be different from that of the remote host's actual
certificate. See
page 287
Certificate in PEM This read-only text box displays the certificate or certification request
(Base-64) in Privacy Enhanced Mail (PEM) format. PEM uses 64 ASCII
Encoded Format characters to convert the binary certificate into a printable form.
You can copy and paste the certificate into an e-mail to send to
friends or colleagues or you can copy and paste the certificate into a
text editor and save the file on a management computer for later
distribution (through floppy disk for example).
Export Click this button and then Save in the File Download screen. The
Save As screen displays. Browse to the location that you want to
use and click Save.
"Verifying a certificate of a trusted remote host" on
for how to verify a remote host's certificate.
"Verifying a certificate of a trusted remote host" on
for how to verify a remote host's certificate.
Nortel Business Secure Router 252 Configuration — Basics
Chapter 14 Certificates 293