NXC5200 User’s Guide
441
C
H A P T E R
3 2
Certificates
32.1 Overview
The NXC can use certificates (also called digital IDs) to authenticate users.
Certificates are based on public-private key pairs. A certificate contains the
certificate owner’s identity and public key. Certificates provide a way to exchange
public keys for use in authentication.
32.1.1 What You Can Do in this Chapter
• The My Certificate screens (
) generate and export
self-signed certificates or certification requests and import the NXC’s CA-signed
certificates.
• The Trusted Certificates screens (
) save CA
certificates and trusted remote host certificates to the NXC. The NXC trusts any
valid certificate that you have imported as a trusted certificate. It also trusts any
valid certificate signed by any of the certificates that you have imported as a
trusted certificate.
32.1.2 What You Need to Know
The following terms and concepts may help as you read this chapter.
When using public-key cryptology for authentication, each host has two keys. One
key is public and can be made openly available. The other key is private and must
be kept secure.
These keys work like a handwritten signature (in fact, certificates are often
referred to as “digital signatures”). Only you can write your signature exactly as it
should look. When people know what your signature looks like, they can verify
whether something was signed by you, or by someone else. In the same way, your
private key “writes” your digital signature and your public key allows people to
verify whether data was signed by you, or by someone else.