Справочник Пользователя для ZyXEL Communications 5 Series
Chapter 20 Certificates
ZyWALL 5/35/70 Series User’s Guide
407
20.4 The My Certificate Import Screen
You can only import a certificate that matches a corresponding certification request that was
generated by the ZyWALL (the certification request contains the private key). The certificate
you import replaces the corresponding request in the My Certificates screen.
generated by the ZyWALL (the certification request contains the private key). The certificate
you import replaces the corresponding request in the My Certificates screen.
One exception is that you can import a PKCS#12 format certificate without a corresponding
certification request since the certificate includes the private key.
certification request since the certificate includes the private key.
"
Remove any spaces from the certificate’s filename before you import it.
Certificate File Formats
The certification authority certificate that you want to import has to be in one of these file
formats:
formats:
• Binary X.509: This is an ITU-T recommendation that defines the formats for X.509
certificates.
• PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses 64 ASCII
characters to convert a binary X.509 certificate into a printable form.
• Binary PKCS#7: This is a standard that defines the general syntax for data (including
digital signatures) that may be encrypted. The ZyWALL currently allows the importation
of a PKS#7 file that contains a single certificate.
of a PKS#7 file that contains a single certificate.
• PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format uses 64
ASCII characters to convert a binary PKCS#7 certificate into a printable form.
• Binary PKCS#12: This is a format for transferring public key and private key certificates.
The private key in a PKCS #12 file is within a password-encrypted envelope. The file’s
password is not connected to your certificate’s public or private passwords. Exporting a
PKCS #12 file creates this and you must provide it to decrypt the contents when you
import the file into the ZyWALL.
password is not connected to your certificate’s public or private passwords. Exporting a
PKCS #12 file creates this and you must provide it to decrypt the contents when you
import the file into the ZyWALL.
"
Be careful not to convert a binary file to text during the transfer process. It is
easy for this to occur since many programs use text files by default.
easy for this to occur since many programs use text files by default.
20.4.1 Using the My Certificate Import Screen
Click SECURITY > CERTIFICATES > My Certificates and then Import to open the My
Certificate Import screen. Follow the instructions in this screen to save an existing certificate
from a computer to the ZyWALL.
Certificate Import screen. Follow the instructions in this screen to save an existing certificate
from a computer to the ZyWALL.