ProSafe VPN Firewall 200 FVX538 Reference Manual
5-28 Virtual Private Networking
v1.0, August 2006
The Active Self Certificates table shows the Certificates issued to you by the various CAs
(Certification Authorities), and available for use. For each Certificate, the following data is listed:
• Name. The name you used to identify this Certificate.
• Subject Name. This is the name which other organizations will see as the Holder (owner) of
this Certificate. This should be your registered business name or official company name.
Generally, all Certificates should have the same value in the Subject field.
• Serial Number. It is a serial number maintained by the CA. It is used to identify the certificate
with in the CA.
• Issuer Name. The name of the CA which issued the Certificate.
• Expiry Time. The date on which the Certificate expires. You should renew the Certificate
before it expires.
Generating a Self Certificate Request
To use a Certificate, you must first request the certificate from the CA, then download and activate
the certificate on your system.
To request a Certificate from the CA:
1. From the main menu under VPN, select the Certificates submenu. The Certificates screen
will display.
2. In the Generate Self Certificate Request, enter the required data:
• Name – Enter a name that will identify this Certificate.
• Subject – This is the name which other organizations will see as the Holder (owner) of the
Certificate. Since this name will be seen by other organizations, you should use your
registered business name or official company name. (Using the same name, or a derivation
of the name, in the Title field would be useful.)
• From the pull-down menus, select the following values:
– Hash Algorithm: MD5 or SHA2.
– Signature Algorithm: RSA.
– Signature Key Length: 512, 1024, 2048. (Larger key sizes may improve security, but
may also impact performance.)
3. Complete the Optional fields, if desired, with the following information:
• IP Address – If you have a fixed IP address, you may enter it here. Otherwise, you should
leave this field blank.