Filter
Top Products
Chapter 14 Certificates 285
BCM50a Integrated Router Configuration — Basics
Valid To This field displays the date that the certificate expires. The text
displays in red and includes an Expiring! or Expired! message if the
certificate is about to expire or has already expired.
Key Algorithm This field displays the type of algorithm that was used to generate
the certificate key pair (the BCM50a Integrated Router uses RSA
encryption) and the length of the key set in bits (1 024-bits, for
example).
Subject Alternative
Name
This (optional) field displays the certificate owner‘s IP address (IP),
domain name (DNS), or e-mail address (EMAIL).
Key Usage This field displays for what functions the certificate key can be used.
For example, DigitalSignature means that the key can be used to
sign certificates and KeyEncipherment means that the key can be
used to encrypt text.
Basic Constraint This field displays general information about the certificate. For
example, Subject Type=CA means that this is a certification authority
certificate and Path Length Constraint=1 means that there can only
be one certification authority in the certification path of the certificate.
MD5 Fingerprint This is the message digest of the certificate that the BCM50a
Integrated Router calculated using the MD5 algorithm. You cannot
use this value to verify that this is the remote host’s actual certificate
because the BCM50a Integrated Router has signed the certificate;
thus causing this value to be different from that of the remote host’s
actual certificate. See “Verifying a certificate of a trusted remote
host” on page 279 for how to verify a remote host’s certificate.
SHA1 Fingerprint This is the message digest of the certificate that the BCM50a
Integrated Router calculated using the SHA1 algorithm. You cannot
use this value to verify that this is the remote host’s actual certificate
because the BCM50a Integrated Router has signed the certificate;
thus causing this value to be different from that of the remote host’s
actual certificate. See “Verifying a certificate of a trusted remote
host” on page 279 for how to verify a remote host’s certificate.
Certificate in PEM
(Base-64)
Encoded Format
This read-only text box displays the certificate or certification request
in Privacy Enhanced Mail (PEM) format. PEM uses 64 ASCII
characters to convert the binary certificate into a printable form.
You can copy and paste the certificate into an e-mail to send to
friends or colleagues or you can copy and paste the certificate into a
text editor and save the file on a management computer for later
distribution (through floppy disk for example).
Export Click this button and then Save in the File Download screen. The
Save As screen displays. Browse to the location that you want to
use and click Save.
Table 72 Trusted remote host details
Label Description