11 importing a trusted ca’s certificate, Table 60 trusted cas – ZyXEL Communications ZyXEL ZyAIR NWA-3500 User Manual

Chapter 14 Certificates

ZyXEL NWA-3500 User’s Guide

175

The following table describes the labels in this screen.

14.11 Importing a Trusted CA’s Certificate

Click CERTIFICATES >Trusted CAs to open the Trusted CAs screen and then click
Import to open the Trusted CA Import screen. Follow the instructions in this screen to save
a trusted certification authority’s certificate to the ZyXEL Device, see the following figure.

Table 60 Trusted CAs

LABEL

DESCRIPTION

PKI Storage

Space in Use

This bar displays the percentage of the ZyXEL Device’s PKI storage space that is

currently in use. When you are using 80% or less of the storage space, the bar is

green. When the amount of space used is over 80%, the bar is red. When the bar

is red, you should consider deleting expired or unnecessary certificates before

adding more certificates.

#

This field displays the certificate index number. The certificates are listed in

alphabetical order.

Name

This field displays the name used to identify this certificate.

Subject

This field displays identifying information about the certificate’s owner, such as CN

(Common Name), OU (Organizational Unit or department), O (Organization or

company) and C (Country). It is recommended that each certificate have unique

subject information.

Issuer

This field displays identifying information about the certificate’s issuing certification

authority, such as a common name, organizational unit or department,

organization or company and country. With self-signed certificates, this is the

same information as in the Subject field.

Valid From

This field displays the date that the certificate becomes applicable. The text

displays in red and includes a Not Yet Valid! message if the certificate has not yet

become applicable.

Valid To

This field displays the date that the certificate expires. The text displays in red and

includes an Expiring! or Expired! message if the certificate is about to expire or

has already expired.

CRL Issuer

This field displays Yes if the certification authority issues Certificate Revocation

Lists for the certificates that it has issued and you have selected the Issues

certificate revocation lists (CRL) check box in the certificate’s details screen to

have the ZyXEL Device check the CRL before trusting any certificates issued by

the certification authority. Otherwise the field displays “No”.

Details

Click Details to view in-depth information about the certification authority’s

certificate, change the certificate’s name and set whether or not you want the

ZyXEL Device to check a certification authority’s list of revoked certificates before

trusting a certificate issued by the certification authority.

Import

Click Import to open a screen where you can save the certificate of a certification

authority that you trust, from your computer to the ZyXEL Device.

Delete

Click Delete to delete an existing certificate. A window display asking you to

confirm that you want to delete the certificate. Note that subsequent certificates

move up by one when you take this action.

Refresh

Click this button to display the current validity status of the certificates.