Verifying A Trusted Remote Host's Certificate; Figure 14-10 Remote Host Certificates; Figure 14-11 Certificate Details - ZyXEL Communications ZyWALL 5 User Manual

ZyWALL 5 Internet Security Appliance
LABEL
Import Click Import to open a screen where you can save the certificate of a remote host (which
you trust) from your computer to the ZyWALL.
Refresh Click this button to display the current validity status of the certificates.

14.13 Verifying a Trusted Remote Host's Certificate

Certificates issued by certification authorities have the certification authority's signature for you to
check. Self-signed certificates only have the signature of the host itself. This means that you must be
very careful when deciding to import (and thereby trust) a remote host's self-signed certificate.
14.13.1 Trusted Remote Host Certificate Fingerprints
A certificate's fingerprints are message digests calculated using the MD5 or SHA1 algorithms. The
following procedure describes how to use a certificate's fingerprint to verify that you have the remote
host's actual certificate.
Browse to where you have the remote host's certificate saved on your computer.
1.
Make sure that the certificate has a ".cer" or ".crt" file name extension.
2.
Double-click the certificate's icon to open the Certificate window. Click the Details tab and scroll
3.
down to the Thumbprint Algorithm and Thumbprint fields.
14-20
Table 14-8 Trusted Remote Hosts

Figure 14-10 Remote Host Certificates

Verify (over the phone for example) that the remote host
has the same information in the Thumbprint Algorithm
and Thumbprint fields.

Figure 14-11 Certificate Details

DESCRIPTION
Certificates