Cisco Systems VPN 5000 Network Router User Manual


 
Chapter 3 Running the Cisco VPN 5000 Client
Cisco VPN 5000 Client User Guide for Mac OS X
OL-1446-02
Step 9 Connect to the server as described in the “Connecting to the VPN Concentrator”
section on page 3-8.
Setting Up Digital Certificates
Digital certificates are special encrypted text files that are generated by a trusted
Certificate Authority (CA). Certificates encrypt and decrypt your data, and
replace the shared secret method for user and concentrator authentication.
The VPN client can be configured to use root (manual) certificates or user
certificates. Root certificates authenticate the concentrator that you are
connecting to. User certificates authenticate both the concentrator and the user.
Digital certificates can be obtained using any of the following methods:
• You can import certificates from another location using a browser window.
  This method is discussed in the following sections.
• You can request a root or user certificate from a CA using the Certificates tab
  of the VPN Client window. See the “Requesting Certificates from a
  Certificate Authority” section on page 3-7.
Manual and user certificates are defined in the configuration file for each user. For
information on the configuration file, see the “Configuration File Description”
section on page 3-9.
Manual Certificates
If you choose the manual login method, the system uses a root certificate to
validate the concentrator to the VPN client.
Each VPN client uses a root certificate file, called rootcert, which is generated by
the same CA that generated the concentrator’s certificate. The root certificate
identifies the CA to the client. All clients connecting to concentrators certified by
the same CA use the same root certificate.
Note: If one or more root certificate files are already defined in the configuration file,
you are not prompted to select one.
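
The trust relationship described under Manual Certificates can be reproduced with OpenSSL. This is an added example, not part of the Cisco guide or the VPN client: it assumes X.509 certificates in PEM form, and every file name except rootcert (conc_a, conc_b, conc_x, otherroot) is constructed for the illustration.

```shell
#!/bin/sh
# Added illustration: OpenSSL stands in for the client's validation of the concentrator.
# File names other than "rootcert" are constructed for this example.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_ca NAME: create a self-signed root certificate NAME.pem and its key.
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# issue CA NAME: have CA sign a certificate for NAME (a concentrator).
issue() {
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$2.csr" -CA "$WORK/$1.pem" -CAkey "$WORK/$1.key" \
    -CAcreateserial -days 30 -out "$WORK/$2.pem" 2>/dev/null
}

# validates ROOT CERT: succeed only if CERT chains to the root certificate ROOT.
validates() {
  openssl verify -CAfile "$WORK/$1.pem" "$WORK/$2.pem" 2>/dev/null | grep -q ': OK$'
}

make_ca rootcert            # the CA whose root certificate every client carries
make_ca otherroot           # an unrelated CA
issue rootcert conc_a       # two concentrators certified by the same CA
issue rootcert conc_b
issue otherroot conc_x      # a concentrator certified by the unrelated CA

# One rootcert validates every concentrator its CA certified, and nothing else.
for c in conc_a conc_b conc_x; do
  if validates rootcert "$c"; then echo "$c: accepted"; else echo "$c: rejected"; fi
done
```

A client that holds only rootcert accepts conc_a and conc_b and rejects conc_x, which is why the root certificate file must come from the same CA that certified the concentrator.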