Chapter 58 Certificates
ZyWALL Series CLI Reference Guide
495
organizational_un
it
Identifies the organizational unit or department to which the certificate owner belongs.
You can use up to 31 characters. You can use alphanumeric characters, hyphen (-) and
underscore (_).
organization
Identifies the company or group to which the certificate owner belongs. You can use up
to 31 characters. You can use alphanumeric characters, the hyphen and the
underscore.
country
A two-letter country code, which identifies the nation where the certificate owner is
located. For example US, UK, ES, FR.
key_type
Sets the certificate’s encryption algorithm and signature hash algorithm.
Encryption algorithms:
• RSA: Rivest, Shamir and Adleman public-key algorithm.
• DSA: Digital Signature Algorithm public-key algorithm.
• ECDSA: Elliptic Curve Digital Signature Algorithm.
Signature hash algorithms:
• SHA256
• SHA384
• SHA512
If you set an encryption algorithm without specifiying a signature hash algorithm (for
example, key_type rsa), then .
Note: RSA and SHA256 are less secure but more compatible with different
clients and applications. ECDSA and SHA512 are the more secure but
less compatible.
key_length
Specifiy the length of the key, in bits. Allowed values:.
• ECDSA: 256, 384
• RSA/DSA: 512, 768, 1024, 1536, 2048, 4096
Typically, the longer the key, the more secure it is. A longer key also uses more PKI
storage space. ECDSA keys are significant shorter than RSA and DSA keys, while offering
equal or higher security.
password
When you have the Zyxel Device enroll for a certificate immediately online, the
certification authority may want you to include a key (password) to identify your
certification request. Use up to 31 of the following characters. a-zA-Z0-
9;|`~!@#$%^&*()_+\{}':,./<>=-
ca_name
When you have the Zyxel Device enroll for a certificate immediately online, you must
have the certification authority’s certificate already imported as a trusted certificate.
Specify the name of the certification authority’s certificate. It can be up to 31
alphanumeric and ;‘~!@#$%^&()_+[]{}’,.=-
characters.
url
When you have the Zyxel Device enroll for a certificate immediately online, enter the IP
address (or URL) of the certification authority server. You can use up to 511 of the
following characters. a-zA-Z0-9'()+,/:.=?;!*#@$_%-
town
Identifies the city or town in which the certificate owner is located. You can use up to 31
characters. You can use alphanumeric characters, the hyphen and the underscore.
You can add multiple words by enclosing them in double quotes, for example “New
York”.
state
Identifies the state, province, or region in which the certificate owner is located. You can
use up to 31 characters. You can use alphanumeric characters, the hyphen and the
underscore.
You can add multiple words by enclosing them in double quotes, for example “New
Mexico”.
Table 282 Certificates Commands Input Values (continued)
LABEL DESCRIPTION
To Next Page
Loading...
