Manualshelf

User manual

ManualsBrandsSecure Computing ManualsComputer equipmentSG550
221222223224225226227228229230
Virtual Private Networking
223
Windows IPSec requires the certificates to be in a PKCS12 format file. This format
combines the CA certificate, local public certificate and local private key certificate into
one file.
openssl pkcs12 -export -inkey cert1.key -in cert1.pem -certfile
rootCA/ca.pem -out cert1.p12 -name "Certificate 1"
To install the new PCKS12 file, cert1.p12, on Windows XP, open up the Microsoft
Management Console (Start -> Run -> then type mmc).
Add the Certificate Snap-in (File -> Add/Remove Snap-in -> Add -> select
Certificates -> Add -> select the account level you want the certificates installed for
(i.e. current user vs. all users) (-> Local Computer) -> Close -> OK.
Double click Certificates to open the store.
Select the Personal store.
Import new certificate (Action -> All Tasks -> Import).
Locate cert1.p12.
Type in the Export Password if you used one.
Select Automatically select the certificate store based on the type of certificate.
Add certificates
To add certificates to the SG unit, select IPSec from the VPN section of the main menu
and then click the Certificate Lists tab at the top of the window. Any previously
uploaded certificates are displayed, and may be removed by clicking the corresponding
Delete icon.
Select the certificate type click New. You may add a CA Certificate (Certificate
Authority), CRL Certificate (Certificate Revocation List) or Local Certificate.