Filter
Top Products
Chapter 15 Certificates
P-2612HNU-Fx User’s Guide
211
• Binary X.509: This is an ITU-T recommendation that defines the formats for
X.509 certificates.
• PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses 64
ASCII characters to convert a binary X.509 certificate into a printable form.
• Binary PKCS#7: This is a standard that defines the general syntax for data
(including digital signatures) that may be encrypted. The ZyXEL Device
currently allows the importation of a PKS#7 file that contains a single
certificate.
• PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format uses
64 ASCII characters to convert a binary PKCS#7 certificate into a printable
form.
Note: Be careful not to convert a binary file to text during the transfer process. It is
easy for this to occur since many programs use text files by default.
15.1.3 Verifying a Certificate
Before you import a trusted CA or trusted remote host certificate into the ZyXEL
Device, you should verify that you have the actual certificate. This is especially
true of trusted CA certificates since the ZyXEL Device also trusts any valid
certificate signed by any of the imported trusted CA certificates.
You can use a certificate’s fingerprint to verify it. A certificate’s fingerprint is a
message digest calculated using the MD5 or SHA1 algorithms. The following
procedure describes how to check a certificate’s fingerprint to verify that you have
the actual certificate.
1 Browse to where you have the certificate saved on your computer.
2 Make sure that the certificate has a “.cer” or “.crt” file name extension.
Figure 71 Certificates on Your Computer