Panasonic NN46110-600 User Manual

Chapter 3 Using certificates 81

The System > Certificate Details window provides the following certificate
details:

•

This Certificate Belongs To shows the certificate owner’s X.500 distinguished
name.

•

This Certificate Was Issued By shows the issuer of the certificate (the
Certificate Authority). In addition to the main attributes, this field also shows

the issuer’s certificate serial number.

•

Validity Dates show the starting and ending dates during which the certificate

is valid (for example, 01/29/02 through 01/29/03).

•

Certificate Fingerprint shows the unique identifier that is derived from MD5

hashing the certificates. Compare the identifier with the fingerprint supplied

directly by the certificate’s issuer (for example, a CA). If the fingerprints do
not match exactly, the certificate is forged or modified.

•

CRL query optimization enables CRL performance improvement (LDAP

import only). Set this option to Disabled to disable CRL performance
improvements.

•

Version provides information about the version.

•

Signature Algorithm provides information about the signature algorithm.

•

Public Key provides information about the public key.

•

Extensions provides information about the extensions used.

You must configure a group that is using certificate-based authentication to

present a server certificate to remote parties that are initiating tunnel requests. The

Default Server Certificate is the Subject DN of the certificate that you want to use

as the identity of the VPN Router when initiating or responding to a connection

request associated with that group. Tunnel requests are bound to a particular group
by the CA certificate that the remote party is presenting as the signer of its

certificate. You can set up the local identity for the group on the Profiles > Groups
> Edit window.

Nortel VPN Router Security — Servers, Authentication, and Certificates