Chapter 24 System
USG FLEX H Series User’s Guide
383
The following table describes the labels in this screen.
Table 190 System > My Certificates > Add
LABEL DESCRIPTION
Name Type a name to identify this certificate. You can use up to 31 alphanumeric and
;‘~!@#$%^&()_+[]{}’,.=-
characters.
Subject Information Use these fields to record information that identifies the owner of the certificate. You do
not have to fill in every field, although you must specify a Host IP Address, Host Domain
Name, or E-Mail. The certification authority may add fields (such as a serial number) to the
subject information when it issues a certificate. It is recommended that each certificate
have unique subject information.
Select a radio button to identify the certificate’s owner by IP address, domain name or
email address. Type the IP address (in dotted decimal notation), domain name or email
address in the field provided. The domain name or email address is for identification
purposes only and can be any string.
A domain name can be up to 30 characters. You can use alphanumeric characters and
periods.
An email address can be up to 63 characters. You can use alphanumeric characters, the
hyphen, the @ symbol, periods and the underscore.
Organizational Unit Identify the organizational unit or department to which the certificate owner belongs. You
can use up to 31 characters. You can use alphanumeric characters, the hyphen and the
underscore.
Organization Identify the company or group to which the certificate owner belongs. You can use up to
31 characters. You can use alphanumeric characters, the hyphen and the underscore.
Town (City) Identify the town or city where the certificate owner is located. You can use up to 31
characters. You can use alphanumeric characters, the hyphen and the underscore.
State (Province) Identify the state or province where the certificate owner is located. You can use up to 31
characters. You can use alphanumeric characters, the hyphen and the underscore.
Country Enter a two-letter country code to Identify the nation where the certificate owner is
located.
Key Type This sets the certificate’s encryption algorithm and signature hash algorithm.
Encryption algorithms:
• RSA: Rivest, Shamir and Adleman public-key algorithm.
• DSA: Digital Signature Algorithm public-key algorithm.
• ECDSA: Elliptic Curve Digital Signature Algorithm.
Signature hash algorithms:
• SHA256
• SHA384
• SHA512
RSA and SHA256 are less secure but more compatible with different clients and
applications. ECDSA and SHA512 are the more secure but less compatible.
Key Length Select a number from the drop-down list box to determine how many bits the key should
use (256 to 384). The longer the key, the more secure it is. A longer key also uses more PKI
storage space. ECDSA keys are significant shorter than RSA and DSA keys, while offering
equal or higher security.
LifeTimes Select how long the certificate is valid. It can be valid from 1 to 10 years.
Extended Key Usage
Server Authentication Select this to have Zyxel Device generate and store a request for server authentication
certificate.
Client Authentication Select this to have Zyxel Device generate and store a request for client authentication
certificate.
To Next Page
Loading...
