Page 166 / 298 Scroll up to view Page 161 - 165
Vigor2930 Series User’s Guide
158
3.10 Certificate Management
A digital certificate works as an electronic ID, which is issued by a certification authority
(CA). It contains information such as your name, a serial number, expiration dates etc., and
the digital signature of the certificate-issuing authority so that a recipient can verify that the
certificate is real. Here Vigor router support digital certificates conforming to standard
X.509.
Any entity wants to utilize digital certificates should first request a certificate issued by a CA
server. It should also retrieve certificates of other trusted CA servers so it can authenticate
the peer with certificates issued by those trusted CA servers.
Here you can manage generate and manage the local digital certificates, and set trusted CA
certificates. Remember to adjust the time of Vigor router before using the certificate so that
you can get the correct valid period of certificate.
Below shows the menu items for Certificate Management.
3.10.1 Local Certificate
This page allows users to adopt single certificate or mutliple certificates for certification
through generating or importing. Users can generate up to three local certificats or they can
import the third-party certificate(s) to fit different requests.
GENERATE
Click this button to open
Generate Certificate Signing Request
window. Type in all the
information that the window request such as certifcate name (used for identifying different
certificate), subject alternative name type and relational settings for subject name. Then click
GENERATE
again.
Page 167 / 298
igor2930 Series User’s Guide
159
Note:
Please be noted that “Common Name” must be configured with rotuer’s WAN IP
or domain name.
After clicking
GENERATE
, the generated information will be displayed on the window
below:
IMPORT
Vigor router allows you to generate a certificate request and submit it the CA server, then
import it as “Local Certificate”. If you have already gotten a certificate from a third party,
you may import it directly. The supported types are PKCS12 Certificate and Certificate with
a private key.
Click this button to import a saved file as the certification information. There are three types
of local certificate supported by Vigor router.
Page 168 / 298
Vigor2930 Series User’s Guide
160
Upload Local Certificate
It allows users to import the certificate which is generated by
vigor router and signed by CA server.
If you have done well in certificate generation, the Status of
the certificate will be shown as “
OK
”.
Upload PKCS12
Certificate
It allows users to import the certificate whose extensions are
usually .pfx or .p12. And these certificates usually
need passwords.
Note:
PKCS12 is a standard for storing private keys and
certificates securely. It is used in (among other things)
Netscape and Microsoft Internet Explorer with their import
and export options.
Upload Certificate and
Private Key
It is useful when users have separated certificates and private
keys. And the password is needed if the private key is
encrypted.
Page 169 / 298
igor2930 Series User’s Guide
161
REFRESH
Click this button to refresh the information listed below.
View
Click this button to view the detailed settings for certificate request.
Note:
You have to copy the certificate request information from above window. Next,
access your CA server and enter the page of certificate request, copy the information
into it and submit a request. A new certificate will be issued to you by the CA server.
You can save it.
Page 170 / 298
Vigor2930 Series User’s Guide
162
3.10.2 Trusted CA Certificate
Trusted CA certificate lists three sets of trusted CA certificate.
To import a pre-saved trusted CA certificate, please click
IMPORT
to open the following
window. Use
Browse…
to find out the saved text file. Then click
Import
. The one you
imported will be listed on the Trusted CA Certificate window. Then click
Import
to use the
pre-saved file.
For viewing each trusted CA certificate, click
View
to open the certificate detail information
window. If you want to delete a CA certificate, choose the one and click
Delete
to remove all
the certificate information.

Rate

4 / 5 based on 3 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top