5.17 CERTIFICATES
5.17.1 INTRODUCTION
ADVANCED SETUP > CERTIFICATES
In cryptography, a certificate authority, or certification authority, (CA)
is an entity that issues digital certificates. The digital certificate certifies the
ownership of a public key by the named subject of the certificate. This
allows others (relying parties) to rely upon signatures or assertions made by
the private key that corresponds to the public key that is certified. In this
model of trust relationships, a CA is a trusted third party that is trusted by
both the subject (owner) of the certificate and the party relying upon the
certificate. CAs are characteristic of many public key infrastructure (PKI)
schemes.
Commercial CAs charge to issue certificates that will automatically be
trusted by most web browsers (Mozilla maintains a list of at least 36 trusted
root CAs, though multiple commercial CAs or their resellers may share the
same trusted root).
The number of web browsers and other devices and applications that trust a
particular certificate authority is referred to as ubiquity.
Aside from commercial CAs, some providers issue digital certificates to the
public at no cost. Large institutions or government entities may have their
own CAs.
The commercial CAs that issue the bulk of certificates that clients trust for email servers and public
HTTPS servers typically use a technique called "domain validation" to authenticate the recipient of
the certificate. Domain validation involves sending an email containing an authentication token or
link, to an email address that is known to be administratively responsible for the domain. This could
be the technical contact email address listed in the domain's WHOIS entry, or an administrative email
like postmaster@ or root@ the domain. The theory behind domain validation is that only the
legitimate owner of a domain would be able to read emails sent to these administrative addresses
5.17.2 CONFIGURING A CERTIFICATE OF AUTHORITY
Select Certificate > Local to select a local certificate.
This opens a page to configure a Local Certificate, with a Local certificate there are two options to
choose from;
1. Create a new Certificate Request
Certificates are a digital means of ensuring the identity of a machine or individual and providing keys
for encryption. These certificates also need to be certified by a root certification authority (CA).
2. Import a certificate
You can also import a certificate from another server instead of recreating the certificate on the
current server. Having selected Local certificate the following table will be displayed showing any
certificates already configured.
Add, View or Remove certificates from this page. Local certificates are used by peers to verify your
identity. Maximum 4 certificates can be stored.
To Next Page
Loading...
