ZyXEL Communications NWA-3500 ユーザーズマニュアル

Chapter 18 Certificates

NWA-3500/NWA-3550 User’s Guide

A Certification Authority (CA) issues certificates and guarantees the identity of 
each certificate owner. There are commercial certification authorities like 
CyberTrust or VeriSign and government certification authorities. Note that the 
NWA also trusts any valid certificate signed by any of the imported trusted CA 
certificates. You can use the NWA to generate certification requests that contain 
identifying information and public keys and then send the certification requests to 
a certification authority. 

The NWA only has to store the certificates of the certification authorities that you 
decide to trust, no matter how many devices you need to authenticate. 

Certificates are based on public-private key pairs. Key distribution is simple and 
very secure since you can freely distribute public keys and you never need to 
transmit private keys.

The certification authority certificate that you want to import has to be in one of 
these file formats:

• Binary X.509: This is an ITU-T recommendation that defines the formats for 

X.509 certificates.

• PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses 64 

ASCII characters to convert a binary X.509 certificate into a printable form.

• Binary PKCS#7: This is a standard that defines the general syntax for data 

(including digital signatures) that may be encrypted. The NWA currently allows 

the importation of a PKS#7 file that contains a single certificate.

• PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format 

uses 64 ASCII characters to convert a binary PKCS#7 certificate into a printable 

form.

You can have the NWA act as a certification authority and sign its own certificates. 
See 

 for details on how to apply this.

Use this screen to view the NWA’s summary of certificates and certification 
requests. Click Certificates > My Certificates. The following screen displays.