Specifications

9-15

VPN 3000 Series Concentrator Reference Volume II: Administration and Monitoring

78-13274-01

Chapter 9 Certificate Management

Administration | Certificate Management | Certificates | View

MD5 Thumbprint

A 128-bit MD5 hash of the complete certificate contents, shown as a 16-byte string. This value is unique

for every certificate, and it positively identifies the certificate. If you question a certificate’s authenticity,

you can check this value with the issuer.

SHA1 Thumbprint

A 160-bit SHA-1 hash of the complete certificate contents, shown as a 20-byte string. This value is

unique for every certificate, and it positively identifies the certificate. If you question a certificate’s

authenticity, you can check this value with the issuer.

Validity

The time period during which this certificate is valid.

Format is MM/DD/YYYY at HH:MM:SS AM/PM to MM/DD/YYYY at HH:MM:SS AM/PM. Time

uses 12-hour AM/PM notation, and is local system time.

The Manager checks the validity against the VPN Concentrator system clock, and it flags expired

certificates.

Subject Alternative Name (Fully Qualified Domain Name)

The fully qualified domain name for this VPN Concentrator that identifies it in this PKI. The alternative

name is an optional additional data field in the certificate, and it provides interoperability with many

Cisco IOS and PIX systems in LAN-to-LAN connections.

CRL Distribution Point

The distribution point for CRLs (Certificate Revocation Lists) from this CA. If this information is

included in the certificate in the proper format, and you enable CRL checking, you do not have to provide

it on the Administration | Certificate Management | Certificates | CRL screen.

Back

To return to the Administration | Certificate Management | Certificates screen, click Back.