Verifying a certificate for peer
You can configure the settings for verifying reliability of the certificate (expiration date, CN, key usage, etc.).
To check the expiration of certificate, register the URL of the Online Certificate Status Protocol (OCSP) service.
In the administrator mode, select [Security] - [Certificate Verification Settings], then configure the following settings.
Settings | Description | |
---|---|---|
[Certificate Verification Settings] | Select [ON] to verify reliability of the certificate for peer. [ON] is specified by default. | |
[Timeout] | Change the time-out time of certificate expiration confirmation if necessary. [30] sec. is specified by default. | |
[OCSP Service] | Using the Online Certificate Status Protocol (OCSP) enables you to check online whether or not the certificate is expired. Select this check box to use the OCSP service. Enter the URL of the OCSP service (using up to 511 characters). If [URL] is left blank, the URL of the OCSP service embedded in the certificate will be used. | |
[Proxy Settings] | To confirm the expiration date via a proxy server, register the proxy server currently used. | |
[Proxy Server Address] | Enter the address of the proxy server you are using. Use one of the following formats.
| |
[Proxy Server Port Number] | If necessary, change the proxy server port number. [8080] is specified by default. | |
[User Name] | Enter the user name to log in to the proxy server (using up to 63 characters). | |
[Password] | Enter the password of the user name you entered into [User Name] (using up to 63 characters). To enter (change) the password, select the [Password is changed.] check box, then enter a new password. | |
[Address not using Proxy Server] | If necessary, enter the address that does not use the proxy server. Use one of the following formats.
|