Table 57 Certificates: Trusted Remote Hosts (continued)
LABEL
Modify
Import
Refresh
10.13 Verifying a Trusted Remote Host's Certificate
Certificates issued by certification authorities have the certification authority's signature for
you to check. Self-signed certificates only have the signature of the host itself. This means that
you must be very careful when deciding to import (and thereby trust) a remote host's self-
signed certificate.
10.13.1 Trusted Remote Host Certificate Fingerprints
A certificate's fingerprints are message digests calculated using the MD5 or SHA1 algorithms.
The following procedure describes how to use a certificate's fingerprint to verify that you have
the remote host's actual certificate.
1 Browse to where you have the remote host's certificate saved on your computer.
2 Make sure that the certificate has a ".cer" or ".crt" file name extension.
Figure 70 Remote Host Certificates
3 Double-click the certificate's icon to open the Certificate window. Click the Details tab
and scroll down to the Thumbprint Algorithm and Thumbprint fields.
Chapter 10 Certificates
DESCRIPTION
Click the details icon to open a screen with an in-depth list of information about the
certificate.
Click the delete icon to remove the certificate. A window displays asking you to
confirm that you want to delete the certificate.
Note: Subsequent certificates move up by one when you take this
action.
Click Import to open a screen where you can save the certificate of a remote host
(which you trust) from your computer to the ZyWALL.
Click this button to display the current validity status of the certificates.
ZyWALL P1 User's Guide
169