Cisco Systems VPN 3000 Switch User Manual


 
14 Administration
14-36
VPN 3000 Concentrator Series User Guide
Installing digital certificates on the VPN Concentrator
Installing a digital certificate on the VPN Concentrator requires these steps:
1 Use the Administration | Certificate Management | Enrollment screen to generate a certificate request.
Save the request as a file, or copy it to the clipboard.
2 Send the certificate request to a CA, usually using the CA's Web interface. Most CAs let you submit
the request by pasting from the clipboard; otherwise, you can send a file.
3 From the CA, receive root (and perhaps subordinate) and identity certificates. Save them as text files
on your PC or other reachable network host; do not open them or install them in your browser.
4 Use the Administration | Certificate Management | Installation screen to:
a Install the root certificate on the VPN Concentrator first.
b Then install any subordinate certificate(s).
c Finally, install the identity certificate.
5 Use the Administration | Certificate Management | Certificates screen to view the certificates and check
them, and perhaps to enable revocation checking.
(You must complete the enrollment and certificate installation process within one week of generating
the request.)
See the appropriate Administration | Certificate Management screen for more details.
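The following is an added example, not part of the Cisco guide: before step 4, it reads the text files received from the CA and works out the installation order (root, then subordinates, then identity) by matching each certificate's issuer name to its parent's subject name. The file names, Common Names and unsigned sample certificates are constructed for illustration. It assumes each file holds one PEM certificate, and it checks name chaining only, not signatures, validity dates or revocation.

```python
import base64

def _tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits = number of length octets
        end = pos + (length & 0x7F)
        length, pos = int.from_bytes(buf[pos:end], "big"), end
    return tag, pos, pos + length

def issuer_subject(pem):
    """Return the raw DER issuer and subject Names of one PEM certificate."""
    der = base64.b64decode("".join(l for l in pem.splitlines() if "-----" not in l))
    _, pos, _ = _tlv(der, 0)                # Certificate SEQUENCE
    _, pos, _ = _tlv(der, pos)              # tbsCertificate SEQUENCE
    fields = []
    while len(fields) < 5:                  # serial, sigAlg, issuer, validity, subject
        tag, _, end = _tlv(der, pos)
        if tag != 0xA0:                     # skip the optional [0] version field
            fields.append(der[pos:end])
        pos = end
    return fields[2], fields[4]

def install_order(pems):
    """Order {filename: PEM text} as root, subordinate(s), identity."""
    names = {f: issuer_subject(p) for f, p in pems.items()}
    order = [f for f, (iss, sub) in names.items() if iss == sub]
    if len(order) != 1:
        raise ValueError("expected exactly one self-issued root certificate")
    while len(order) < len(names):          # next file is the one issued by the last placed
        nxt = [f for f in names if f not in order and names[f][0] == names[order[-1]][1]]
        if len(nxt) != 1:
            raise ValueError("chain is broken or ambiguous after " + order[-1])
        order += nxt
    return order

# Constructed sample input: unsigned DER skeletons, not real certificates.
def _der(tag, body):
    return bytes([tag, len(body)]) + body   # short-form length is enough for the sample

def sample_cert(issuer_cn, subject_cn):
    name = lambda cn: _der(0x30, _der(0x31, _der(0x30, b"\x06\x03\x55\x04\x03" + _der(0x0C, cn.encode()))))
    tbs = _der(0x30, b"\xa0\x03\x02\x01\x02\x02\x01\x01\x30\x00" + name(issuer_cn)
               + b"\x30\x00" + name(subject_cn) + b"\x30\x00")
    der = _der(0x30, tbs + b"\x30\x00\x03\x01\x00")
    return "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n" % base64.b64encode(der).decode()

SAMPLE = {"identity.cer": sample_cert("Example Sub CA", "vpn3000.example.com"),
          "root.cer": sample_cert("Example Root CA", "Example Root CA"),
          "sub.cer": sample_cert("Example Root CA", "Example Sub CA")}
```

A ValueError here means a subordinate certificate is missing from what the CA returned, or the files do not belong to one chain.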
Administration | Certificate Management | Enrollment
This screen lets you generate a certificate request to send to a CA (Certificate Authority), to enroll the
VPN Concentrator in a PKI.
The entries you make on this screen are governed by PKI standards and practices. The fields conform to
ITU-T Recommendation X.520: Selected Attribute Types. Ask the CA whether to make each entry and
what to enter (format, content, and syntax). At a minimum, you must enter the Common Name (CN).
All entries may appear in your identity certificate.
When you click Apply, the system generates a certificate request; see the
Administration | Certificate Management | Enrollment | Request Generated screen.