53.3. Certificate

  1. Go to Configuration > Object > Certificates. You can create a new certificate using Add.

  2. Enter a name for the new certificate, enter a host domain name for the ZyWALL (doesn't need to actually exist) and create a self-signed certificate with 2048 bit RSA.

  3. Certificate creation takes up to 5 minutes.

  4. Open the detailed data of the certificate using Edit.

  5. Copy the certificate in PEM format to the clipboard.

  6. Paste the certificate from the clipboard into the Intra2net system under System > Keys > Foreign keys.

  7. Under IPSec ID, select just the DNS host name, not the certificate holder ("/CN=" etc.).

  8. Export your own certificate from the Intra2net system as a .pem file (Under System > Keys > Own keys, Data tab.

  9. Import the Intra2net system certificate into ZyWALL, under the menu Configuration > Object > Certificate, tab Trusted Certificates. Click Import below.

  10. Select the directory in which you have saved the certificate of the Intra2net system.

  11. The Intra2net system certificate is now displayed as a Trusted Certificate.