Netgear 05200007 User Manual
Reference Manual for the NETGEAR ProSafe VPN Client
Using the Certificate Manager
6-29
202-10015-01
•
On the Configuration Parameters dialog box, the Trust this certificate for IP security
check box is selected.
check box is selected.
•
When you view or verify the certificates, for Enh KeyUsage, the option IP security end
system appears.
system appears.
•
Root CAs that have issued a personal certificate to any of the computer's users
•
All root CAs installed on your computer (the local machine)
The trust policy also applies to personal certificates issued by a CA in the trust hierarchy for
remote parties that your security policy allows you to communicate with.
remote parties that your security policy allows you to communicate with.
Set the Trust Policy
The trust policy for certificates specifies which root CA certificates the client considers valid for
IPSec communications. When you set the trust policy on the Trust Policy tab in the Certificate
Manager, the trust policy selected on the Root CA Certificates and Root CA Certificates tabs
changes to reflect the Trust Policy tab setting.
IPSec communications. When you set the trust policy on the Trust Policy tab in the Certificate
Manager, the trust policy selected on the Root CA Certificates and Root CA Certificates tabs
changes to reflect the Trust Policy tab setting.
1.
In the Certificate Manager, click the Trust Policy tab.
2.
In the Specify which root certificate authorities (CAs) to trust group, select the trust policy:
•
To trust only those root CA certificates configured to be trusted for IPSec sessions, click
Trust specific root CAs.
Trust specific root CAs.
•
To trust only root CA certificates that issued a personal certificate to any of the computer's
users, click Trust CAs that have issued a local personal certificate.
users, click Trust CAs that have issued a local personal certificate.
•
To trust all the root CAs installed on your computer, click Trust all root CAs installed on
this computer
this computer
Caution: Depending on the operating system and Internet Explorer version installed on
your computer, there may be at least 100 root CA certificates on your computer. Before
you select this option, carefully consider the security ramifications.
your computer, there may be at least 100 root CA certificates on your computer. Before
you select this option, carefully consider the security ramifications.
The trust policy you select takes effect immediately.
Set the Trust Policy and View Trusted Root CA Certificates
Typically, you select the trust policy for the client on the Certificate Manager's Trust Policy tab.
The Root CA Certificates tab displays the trusted root CA certificates.
The Root CA Certificates tab displays the trusted root CA certificates.