Filter
Top Products
Chapter 18 Certificates
NWA-3500/NWA-3550 User’s Guide
208
18.3 What You Need To Know
A Certification Authority (CA) issues certificates and guarantees the identity of
each certificate owner. There are commercial certification authorities like
CyberTrust or VeriSign and government certification authorities. Note that the
NWA also trusts any valid certificate signed by any of the imported trusted CA
certificates. You can use the NWA to generate certification requests that contain
identifying information and public keys and then send the certification requests to
a certification authority.
The NWA only has to store the certificates of the certification authorities that you
decide to trust, no matter how many devices you need to authenticate.
Certificates are based on public-private key pairs. Key distribution is simple and
very secure since you can freely distribute public keys and you never need to
transmit private keys.
The certification authority certificate that you want to import has to be in one of
these file formats:
• Binary X.509: This is an ITU-T recommendation that defines the formats for
X.509 certificates.
• PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses 64
ASCII characters to convert a binary X.509 certificate into a printable form.
• Binary PKCS#7: This is a standard that defines the general syntax for data
(including digital signatures) that may be encrypted. The NWA currently allows
the importation of a PKS#7 file that contains a single certificate.
• PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format
uses 64 ASCII characters to convert a binary PKCS#7 certificate into a printable
form.
You can have the NWA act as a certification authority and sign its own certificates.
See Section 18.4.2 on page 211 for details on how to apply this.
18.4 My Certificates Screen
Use this screen to view the NWA’s summary of certificates and certification
requests. Click Certificates > My Certificates. The following screen displays.