13 verifying a trusted remote host’s certificate, 1 trusted remote host certificate fingerprints, Figure 70 remote host certificates – ZyXEL Communications ZyXEL ZyWALL P1 User Manual

ZyWALL P1 User’s Guide

Chapter 10 Certificates

169

10.13 Verifying a Trusted Remote Host’s Certificate

Certificates issued by certification authorities have the certification authority’s signature for
you to check. Self-signed certificates only have the signature of the host itself. This means that
you must be very careful when deciding to import (and thereby trust) a remote host’s self-
signed certificate.

10.13.1 Trusted Remote Host Certificate Fingerprints

A certificate’s fingerprints are message digests calculated using the MD5 or SHA1 algorithms.
The following procedure describes how to use a certificate’s fingerprint to verify that you have
the remote host’s actual certificate.

1 Browse to where you have the remote host’s certificate saved on your computer.

2 Make sure that the certificate has a “.cer” or “.crt” file name extension.

Figure 70 Remote Host Certificates

3 Double-click the certificate’s icon to open the Certificate window. Click the Details tab

and scroll down to the Thumbprint Algorithm and Thumbprint fields.

Modify

Click the details icon to open a screen with an in-depth list of information about the

certificate.
Click the delete icon to remove the certificate. A window displays asking you to

confirm that you want to delete the certificate.

Note: Subsequent certificates move up by one when you take this

action.

Import

Click Import to open a screen where you can save the certificate of a remote host

(which you trust) from your computer to the ZyWALL.

Refresh

Click this button to display the current validity status of the certificates.

Table 57 Certificates: Trusted Remote Hosts (continued)

LABEL

DESCRIPTION