Netgear 05200007 Manual Do Utilizador
Reference Manual for the NETGEAR ProSafe VPN Client
6-2
Using the Certificate Manager
202-10015-01
Getting Started with the Certificate Manager
If you are using preshared keys for authentication in your VPN, or secure connection, to the other
party, you don't have to open the Certificate Manager; skip all the topics in the Certificate Manager
book in the help.
party, you don't have to open the Certificate Manager; skip all the topics in the Certificate Manager
book in the help.
If you are using certificates for authentication with the remote party to your VPN, and don't
already have a CA and personal certificate, you need to obtain these. However, depending on your
network and installed applications and hardware at any particular site, specific tasks may not
apply; additional tasks may be required. For details on the tasks to perform, contact your network
security administrator.
already have a CA and personal certificate, you need to obtain these. However, depending on your
network and installed applications and hardware at any particular site, specific tasks may not
apply; additional tasks may be required. For details on the tasks to perform, contact your network
security administrator.
These are the typical tasks to perform to obtain and manage certificates:
1.
Select a CA.
2.
Determine its enrollment method; go to CD enrollment methods and procedures.
3.
Obtain a CA and personal certificate. There are three methods for doing this:
•
Online enrollment
•
File-based enrollment
•
Through Internet Explorer
The help contains topics on these methods; go to the Obtain certificates book in the
Certificate Manager book.
Certificate Manager book.
4.
Manage the various certificates obtained. In the help, go to the Manage certificates book in
the Certificate Manager book.
the Certificate Manager book.
5.
Work with certificate revocation lists (CRLs).
6.
Set the trust policy.
What are Certificates?
To set up a VPN, or secure connection, between the client installed on your computer and a remote
party, both parties must identify themselves, and then verify that each is really who it indicates it
is. One way to do this is with a preshared key that both parties know in advance.
party, both parties must identify themselves, and then verify that each is really who it indicates it
is. One way to do this is with a preshared key that both parties know in advance.
A more secure way to identify the two parties is through certificates. A certificate is an electronic
document that contains a public key and is digitally signed by the third-party entity that issued it,
called a certificate authority (CA) or certification authority. Because it validates the identities of
the two VPN parties, it must be trusted. set the trust policy in the Certificate Manager.
document that contains a public key and is digitally signed by the third-party entity that issued it,
called a certificate authority (CA) or certification authority. Because it validates the identities of
the two VPN parties, it must be trusted. set the trust policy in the Certificate Manager.