Black Box ET0010A User Manual

Using Enhanced Security Features

280

EncrypTight User Guide

NOTE

The procedure for obtaining a CA certificate varies with each CA. These are the typical steps.

To obtain a CA certificate from a CA:
1 On the CA's website, complete the registration process.
2 Download the CA certificate from the CA's website.
3 In the Certificate Manager, install the CA certificate as an external certificate.

To use the peer appliance’s identity certificate as an external certificate:
1 Export the certificate from the peer appliance.
2 Install the certificate file as an external certificate.

See the following topics for more information:

●

“Installing an External Certificate” on page 280

●

“Exporting a Certificate” on page 286

Installing an External Certificate

Use the following procedure to install a CA certificate or peer certificate as an external certificate. The
external certificate must be a PEM encoded file.

To install an external certificate:
1 In the Appliances view, right-click the appliance on which to install the external certificate and click

Install External Certificate in the shortcut menu.

2 In the Import Certificate window, browse to the location of the PEM encoded certificate file and

select it.

3 Click Open.
4 In the Certificate Use window, click the option that represents the intended use of this certificate. In

most cases, you will choose Trusted Certificate for IPSec Peer Authentication. Only select OCSP
Responder Certificate if this is a certificate from an OCSP responder. For more information about
OCSP, see

“Validating Certificates Using OCSP” on page 289

A dialog box indicates the progress as the certificate is installed on the appliance.

The “Used For” column of the Certificates view indicates the intended use of the certificate.