User's Manual

Chapter 15 Certificates

P-2612HW Series User’s Guide

300

One exception is that you can import a PKCS#12 format certificate without a

corresponding certification request since the certificate includes the private key.

Note: Remove any spaces from the certificate’s filename before you import it.

Certificate File Formats

The certification authority certificate that you want to import has to be in one of

these file formats:

• Binary X.509: This is an ITU-T recommendation that defines the formats for

X.509 certificates.

• PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses 64

ASCII characters to convert a binary X.509 certificate into a printable form.

• Binary PKCS#7: This is a standard that defines the general syntax for data

(including digital signatures) that may be encrypted. The ZyXEL Device

currently allows the importation of a PKS#7 file that contains a single

certificate.

• PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format uses

64 ASCII characters to convert a binary PKCS#7 certificate into a printable

form.

• Binary PKCS#12: This is a format for transferring public key and private key

certificates. The private key in a PKCS #12 file is within a password-encrypted

envelope. The file’s password is not connected to your certificate’s public or

private passwords. Exporting a PKCS #12 file creates this and you must provide

it to decrypt the contents when you import the file into the ZyXEL Device.

Note: Be careful not to convert a binary file to text during the transfer process. It is

easy for this to occur since many programs use text files by default.