Specifications
9-8
VPN 3000 Series Concentrator Reference Volume II: Administration and Monitoring
78-13274-01
Chapter 9 Certificate Management
Administration | Certificate Management | Installation
Administration | Certificate Management | Installation
This Manager screen lets you install digital certificates on the VPN Concentrator.
You can install certificates obtained via enrollment with a CA in a PKI (where the private key is
generated on—and stays hidden on—the VPN Concentrator, or you can install certificates imported
along with the private key from some source (PKCS-12 format). The latter certificate installation
process is not secure, and we strongly recommend not using it unless you are absolutely certain of its
integrity.
Note You must install the CA root certificate first, then install any other subordinate certificates from the
CA. Install the identity certificate last.
You can also install an SSL server identity certificate issued in a PKI context (not a self-signed SSL
certificate). If you install such a certificate, it replaces any self-signed SSL certificate. The VPN
Concentrator can have only one SSL certificate, regardless of type.
Figure 9-5 Administration | Certificate Management | Installation Screen