SonicWALL TZ 190 Manuale Utente
System > Certificates
89
SonicOS Enhanced 4.0 Administrator Guide
Importing a Local Certificate
To import a local certificate, perform these steps:
Step 1
Click Import. The Import Certificate window is displayed.
Step 2
Enter a certificate name in the Certificate Name field.
Step 3
Enter the password used by your Certificate Authority to encrypt the PKCS#12 file in the
Certificate Management Password field.
Certificate Management Password field.
Step 4
Enter the path to the certificate file in the Please select a file to import field or click Browse
to locate the certificate file, and then click Open to set the directory path to the certificate.
to locate the certificate file, and then click Open to set the directory path to the certificate.
Step 5
Click Import to import the certificate into the SonicWALL security appliance. Once it is
imported, you can view the certificate entry in the Certificates and Certificate Requests table.
imported, you can view the certificate entry in the Certificates and Certificate Requests table.
Step 6
Moving your pointer to
icon in the Details column displays the certificate details
information.
Deleting a Certificate
To delete the certificate, click the delete icon. You can delete a certificate if it has expired or if
you decide not to use third party certificates for VPN authentication.
you decide not to use third party certificates for VPN authentication.
Certificate Revocation List (CRL)
A Certificate Revocation List (CRL) is a way to check the validity of an existing certificate. A
certificate may be invalid for several reasons:
certificate may be invalid for several reasons:
•
The status of the entity identified by the Certificate has changed in some way (for example,
an employee has left the company).
an employee has left the company).
•
The private key associated with a Certificate was stolen or compromised.
•
A new certificate was issued that takes precedence over the old certificate.
If a certificate is invalid, the CA may publish the certificate on a Certificate Revocation List at
a given interval, or on an online server in a X.509 v3 database using Online Certificate Status
Protocol (OCSP). Consult your CA provider for specific details on locating a CRL file or URL.
a given interval, or on an online server in a X.509 v3 database using Online Certificate Status
Protocol (OCSP). Consult your CA provider for specific details on locating a CRL file or URL.
Tip
The SonicWALL security appliance supports obtaining the CRL via HTTP or manually
downloading the list.
downloading the list.