Table of Contents
Advertisement
• PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format uses
lowercase letters, uppercase letters and numerals to convert a binary PKCS#7 certificate
into a printable form.
• Binary PKCS#12: This is a format for transferring public key and private key
certificates.The private key in a PKCS #12 file is within a password-encrypted envelope.
The file's password is not connected to your certificate's public or private passwords.
Exporting a PKCS #12 file creates this and you must provide it to decrypt the contents
when you import the file into the ZyWALL.
Be careful not to convert a binary file to text during the transfer process. It is
easy for this to occur since many programs use text files by default.
Finding Out More
• See
Section 5.5 on page 89
• See
Section 34.4 on page 505
34.1.3 Verifying a Certificate
Before you import a trusted certificate into the ZyWALL, you should verify that you have the
correct certificate. You can do this using the certificate's fingerprint. A certificate's
fingerprint is a message digest calculated using the MD5 or SHA1 algorithm. The following
procedure describes how to check a certificate's fingerprint to verify that you have the actual
certificate.
1 Browse to where you have the certificate saved on your computer.
2 Make sure that the certificate has a ".cer" or ".crt" file name extension.
Figure 397 Remote Host Certificates
3 Double-click the certificate's icon to open the Certificate window. Click the Details tab
and scroll down to the Thumbprint Algorithm and Thumbprint fields.
ZyWALL USG 50-H User's Guide
for related information on these screens.
for certificate background information.
Chapter 34 Certificates
491
Advertisement
Table of Contents
Troubleshooting
