Verifying A Certificate - ZyXEL Communications ENC User Manual

Chapter 9 Maintenance
• PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses lowercase letters,
uppercase letters and numerals to convert a binary X.509 certificate into a printable form.
• Binary PKCS#7: This is a standard that defines the general syntax for data (including digital
signatures) that may be encrypted. A PKCS #7 file is used to transfer a public key certificate. The
private key is not included. The ENC currently allows the importation of a PKS#7 file that
contains a single certificate.
• PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format uses lowercase
letters, uppercase letters and numerals to convert a binary PKCS#7 certificate into a printable
form.
• Binary PKCS#12: This is a format for transferring public key and private key certificates.The
private key in a PKCS #12 file is within a password-encrypted envelope. The file's password is not
connected to your certificate's public or private passwords. Exporting a PKCS #12 file creates this
and you must provide it to decrypt the contents when you import the file into the ENC.
Note: Be careful not to convert a binary file to text during the transfer process. It is easy
for this to occur since many programs use text files by default.

9.12.2 Verifying a Certificate

Before you import a trusted certificate into the ENC, you should verify that you have the correct
certificate. You can do this using the certificate's fingerprint. A certificate's fingerprint is a message
digest calculated using the MD5 or SHA1 algorithm. The following procedure describes how to check
a certificate's fingerprint to verify that you have the actual certificate.
Browse to where you have the certificate saved on your computer.
1
Make sure that the certificate has a ".cer" or ".crt" file name extension.
2
Figure 286 Remote Host Certificates
336
ENC User's Guide