Zyxel D1000 eircom Router Manual PDF (Setup & Configuration Guide)

Page 166 / 228 Scroll up to view Page 161 - 165

Chapter 14 Parental Control

ericom D1000 modem User’s Guide

166

Page 167 / 228

ericom D1000 modem User’s Guide

167

C

HAPTER

15

Certificates

15.1

Overview

The Device can use certificates (also called digital IDs) to authenticate users. Certificates are based

on public-private key pairs. A certificate contains the certificate owner’s identity and public key.

Certificates provide a way to exchange public keys for use in authentication.

15.1.1

What You Can Do in this Chapter

•

Use the

Local Certificates

screen to view and import the Device’s CA-signed certificates

(

Section 15.3 on page 167

).

• The

Trusted CA

screen lets you save the certificates of trusted CAs to the Device (

Section 15.4

on page 169

).

15.2

What You Need to Know

The following terms and concepts may help as you read through this chapter.

Certification Authority

A Certification Authority (CA) issues certificates and guarantees the identity of each certificate

owner. There are commercial certification authorities like CyberTrust or VeriSign and government

certification authorities. The certification authority uses its private key to sign certificates. Anyone

can then use the certification authority's public key to verify the certificates. You can use the Device

to generate certification requests that contain identifying information and public keys and then send

the certification requests to a certification authority.

Certificate File Format

The certification authority certificate that you want to import has to be in one of these file formats:

•

PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses 64 ASCII characters to

convert a binary X.509 certificate into a printable form.

15.3

Local Certificates

Use this screen to view the Device’s summary list of certificates and certification requests. You can

import the following certificates to your Device:

Page 168 / 228

Chapter 15 Certificates

ericom D1000 modem User’s Guide

168

•

Web Server - This certificate secures HTTP connections.

•

SSH - This certificate secures remote connections.

Click

Security >

Certificates

to open the

Local Certificates

screen.

Figure 114

Security > Certificates > Local Certificates

The following table describes the labels in this screen.

Table 65

Security > Certificates > Local Certificates

LABEL

DESCRIPTION

WebServer

Click

Browse...

to find the certificate file you want to upload.

Current File

This field displays the name used to identify this certificate. It is recommended that you

give each certificate a unique name.

Subject

This field displays identifying information about the certificate’s owner, such as

CN

(Common Name),

OU

(Organizational Unit or department),

O

(Organization or

company) and

C

(Country). It is recommended that each certificate have unique

subject information.

Issuer

This field displays identifying information about the certificate’s issuing certification

authority, such as a common name, organizational unit or department, organization or

company and country.

Valid From

This field displays the date that the certificate becomes applicable. The text displays in

red and includes a

Not Yet Valid!

message if the certificate has not yet become

applicable.

Valid To

This field displays the date that the certificate expires. The text displays in red and

includes an

Expiring!

or

Expired!

message if the certificate is about to expire or has

already expired.

Cert

Click this button and then

Save

in the

File Download

screen. The

Save As

screen

opens, browse to the location that you want to use and click

Save

.

SSH

Type in the location of the

SSH

certificate file you want to upload in this field or click

Browse

to find it.

Current File

This field displays the name used to identify this certificate. It is recommended that you

give each certificate a unique name.

Page 169 / 228

Chapter 15 Certificates

ericom D1000 modem User’s Guide

169

15.4

The Trusted CA Screen

Use this screen to view a summary list of certificates of the certification authorities that you have

set the Device to accept as trusted. The Device accepts any valid certificate signed by a certification

authority on this list as being trustworthy; thus you do not need to import any certificate that is

signed by one of these certification authorities.

Click

Security > Certificates >

Trusted CA

to open the

Trusted CA

screen.

Figure 115

Security > Certificates > Trusted CA

The following table describes the fields in this screen.

15.5

Trusted CA Import

Click

Import

Certificate

in

the

Trusted CA

screen to open the

Import

Certificate

screen. You

can save a trusted certification authority’s certificate to the Device.

Key Type

This field applies to the

SSH

certificate.

This shows the file format of the current certificate.

Replace

Click this to replace the certificate(s) and save your changes back to the Device.

Reset

Click this to clear your settings.

Table 65

Security > Certificates > Local Certificates (continued)

LABEL

DESCRIPTION

Table 66

Security > Certificates > Trusted CA

LABEL

DESCRIPTION

Import Certificate

Click this button to open a screen where you can save the certificate of a certification

authority that you trust to the Device.

Name

This field displays the name used to identify this certificate.

Subject

This field displays information that identifies the owner of the certificate, such as

Common Name (CN), OU (Organizational Unit or department), Organization (O), State

(ST) and Country (C). It is recommended that each certificate have unique subject

information.

Type

This field displays general information about the certificate.

ca

means that a

Certification Authority signed the certificate.

Action

Click

View

to open a screen with an in-depth list of information about the certificate.

Click

Remove

to delete the certificate.

Page 170 / 228

Chapter 15 Certificates

ericom D1000 modem User’s Guide

170

Note: You must remove any spaces from the certificate’s filename before you can import

the certificate.

Figure 116

Trusted CA > Import

The following table describes the labels in this screen.

15.6

View Certificate

Use this screen to view in-depth information about the certification authority’s certificate, change

the certificate’s name and set whether or not you want the Device to check a certification

authority’s list of revoked certificates before trusting a certificate issued by the certification

authority.

Click

Security

>

Certificates

>

Trusted CA

to open the

Trusted CA

screen. Click the

View

icon

to open the

View Certificate

screen.

Figure 117

Trusted CA: View

Table 67

Security > Certificates > Trusted CA > Import

LABEL

DESCRIPTION

Certificate File Path

Type in the location of the file you want to upload in this field or click

Browse

to find it.

Browse

Click

Browse

to find the certificate file you want to upload.

Apply

Click

Apply

to save the certificate on the Device.

Back

Click

Back

to return to the previous screen.

Rate

Popular Zyxel Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share