ZyXEL Communications ZyWALL5UTM 4.0 User Manual
ZyWALL 5/35/70 Series User’s Guide
357
Chapter 20 Certificates
20.12 Verifying a Trusted Remote Host’s Certificate
Certificates issued by certification authorities have the certification authority’s signature for
you to check. Self-signed certificates only have the signature of the host itself. This means that
you must be very careful when deciding to import (and thereby trust) a remote host’s self-
signed certificate.
you to check. Self-signed certificates only have the signature of the host itself. This means that
you must be very careful when deciding to import (and thereby trust) a remote host’s self-
signed certificate.
20.12.1 Trusted Remote Host Certificate Fingerprints
A certificate’s fingerprints are message digests calculated using the MD5 or SHA1 algorithms.
The following procedure describes how to use a certificate’s fingerprint to verify that you have
the remote host’s actual certificate.
The following procedure describes how to use a certificate’s fingerprint to verify that you have
the remote host’s actual certificate.
1 Browse to where you have the remote host’s certificate saved on your computer.
2 Make sure that the certificate has a “.cer” or “.crt” file name extension.
Figure 169 Remote Host Certificates
3 Double-click the certificate’s icon to open the Certificate window. Click the Details tab
and scroll down to the Thumbprint Algorithm and Thumbprint fields.
Import
Click Import to open a screen where you can save the certificate of a remote host
(which you trust) from your computer to the ZyWALL.
Refresh
Click this button to display the current validity status of the certificates.
Table 117 Trusted Remote Hosts (continued)
LABEL
DESCRIPTION