ZyXEL 35 사용자 가이드

 

 

All contents copyright (c) 2006 ZyXEL Communications Corporation.   

83

The most critical part for online certification request would be we need to send the certification request over 

Internet, which is an insecure environment. To prevent certification request from being modified or 

eavesdropped, we need to download CA server's certificate in the first step. When ZyWALL delivers the 

certification requests, the public key in CA server's certificate will be used to protect the data. 

You may need to access CA server's WEB interface or contact the administrator to get CA's certificate. Then 

you can go to SECURITY->CERTIFICATES->Trusted CAs to import the downloaded certificate. 

 

Step 2. Create certificate request and enroll certificate request on ZyWALL A   

 

1.

      

Input a name, for this Certificate so you can identify this Certificate later.    

2.

      

In Subject Information, give this certificate a Common Name by either Host IP Address, Host Domain 

Name or E-Mail address. Organizational Unit, Organization, Country are optional fields, you are free to 

either enter them or not.    

3.

      

Finally, specify the key length.    

4.

      

Select Create a certification request and enroll for a certificate immediately online.   

5.

      

Specify the Enrollment Protocol to Simple Certificate Enrollment Protocol (SCEP).   

6.

      

In the "CA Server's Address" field, input the URL to access CA server, for example, 

http://1.1.1.1:8080/scep/

   

7.

      

Choose the previously downloaded CA server's certificate from the drop down list.