Specifications
3
Firewall Administration System (FAS)
Key size: Choose the key size here. A longer key is more difficult to
hack. Choose 1024 or 2048 bits.
After you have made all necessary settings, confirm with ‘Ok’. If the creation
of the Certificate Authority (CA) runs successfully, you will see a message to
that effect. Confirm by clicking on ‘Ok’.
Creating a Certificate
Now you can create certificates signed with your CA. Select ‘Certificate Man-
agement’ ➝ ‘Create Certificate’. A dialog window like Figure 3.56 on the
next page appears in which to enter the necessary details for a new certifi-
cate.
Some details have already been taken from the CA, so you only need to
choose a new name for the certificate (e. g., the name of the computer for
which the certificate is created), enter the previously defined CA password,
and enter a new certificate password, which is repeated for confirmation.
Choose the size of the key and click ‘Ok’.
After successfully generating the certificate, see a message of completion,
which you must confirm with ‘Ok’. Your newly created certificate now ap-
pears in the list.
Deleting a Cer tificate
Choose a certificate to revoke from the list. Select ‘Certificate Management’
➝ ‘Revoke certificate’. Enter the password for the CA with which the certifi-
cate was generated.
Confirm the deletion with ‘Yes’. An updated list of certificates is displayed.
Importing Certificates
Select ‘Certificate Management’ ➝ ‘Import Certificate’. Choose the file con-
taining the certificate from the directory listing that appears. A certificate to
import can exist in the following formats: DER, PEM, and PKCS12.
No further details are required for the formats DER and PEM. If the certifi-
cate is in the PKCS12 format, a password dialog appears. Enter the import
password set while exporting. Then set a new password for the certificate.
Confirm it by entering it again.
107SuSE Linux – Firewall on CD2