ZyXEL Communications ZyWALL 2 Series User Manual
ZyWALL 2 Series User’s Guide
Certificates
15-13
Table 15-4 My Certificate Details
LABEL DESCRIPTION
Signature Algorithm
This field displays the type of algorithm that was used to sign the certificate. The
ZyWALL uses rsa-pkcs1-sha1 (RSA public-private key encryption algorithm and
the SHA1 hash algorithm). Some certification authorities may use ras-pkcs1-md5
(RSA public-private key encryption algorithm and the MD5 hash algorithm).
ZyWALL uses rsa-pkcs1-sha1 (RSA public-private key encryption algorithm and
the SHA1 hash algorithm). Some certification authorities may use ras-pkcs1-md5
(RSA public-private key encryption algorithm and the MD5 hash algorithm).
Valid From
This field displays the date that the certificate becomes applicable. The text
displays in red and includes a “Not Yet Valid!” message if the certificate has not
yet become applicable.
displays in red and includes a “Not Yet Valid!” message if the certificate has not
yet become applicable.
Valid To
This field displays the date that the certificate expires. The text displays in red and
includes an “Expiring!” or “Expired!” message if the certificate is about to expire or
has already expired.
includes an “Expiring!” or “Expired!” message if the certificate is about to expire or
has already expired.
Key Algorithm
This field displays the type of algorithm that was used to generate the certificate’s
key pair (the ZyWALL uses RSA encryption) and the length of the key set in bits
(1024 bits for example).
key pair (the ZyWALL uses RSA encryption) and the length of the key set in bits
(1024 bits for example).
Subject Alternative
Name
Name
This field displays the certificate owner‘s IP address (IP), domain name (DNS) or
e-mail address (EMAIL).
e-mail address (EMAIL).
Key Usage
This field displays for what functions the certificate’s key can be used. For
example, “DigitalSignature” means that the key can be used to sign certificates
and “KeyEncipherment” means that the key can be used to encrypt text.
example, “DigitalSignature” means that the key can be used to sign certificates
and “KeyEncipherment” means that the key can be used to encrypt text.
Basic Constraint
This field displays general information about the certificate. For example, “Subject
Type=CA” means that this is a certification authority’s certificate and “Path
Length Constraint=1” means that there can only be one certification authority in
the certificate’s path.
Type=CA” means that this is a certification authority’s certificate and “Path
Length Constraint=1” means that there can only be one certification authority in
the certificate’s path.
CRL Distribution
Points
Points
This field displays how many directory servers with lists of revoked certificates the
issuing certification authority of this certificate makes available. This field also
displays the domain names or IP addresses of the servers.
issuing certification authority of this certificate makes available. This field also
displays the domain names or IP addresses of the servers.
MD5 Fingerprint
This is the certificate’s message digest that the ZyWALL calculated using the MD5
algorithm.
algorithm.
SHA1 Fingerprint
This is the certificate’s message digest that the ZyWALL calculated using the
SHA1 algorithm.
SHA1 algorithm.