There are two types of certificates that can be uploaded: self-signed certificates and remote
certificates belonging to a remote peer or CA server. Self-signed certificates can be generated by
using one of a number of freely available utilities for doing this.
Example 3.18. Uploading a Certificate
The certificate may either be self-signed or belonging to a remote peer or CA server.
Web Interface
1.
Go to Objects > Authentication Objects > Add > Certificate
2.
Specify a suitable name for the certificate
3.
Now select one of the following:
•
Upload self-signed X.509 Certificate
•
Upload a remote certificate
4.
Click OK and follow the instructions
Example 3.19. Associating Certificates with IPsec Tunnels
To associate an imported certificate with an IPsec tunnel.
Web Interface
1.
Go to Interfaces > IPsec
2.
Display the properties of the IPsec tunnel
3.
Select the Authentication tab
4.
Select the X509 Certificate option
5.
Select the correct Gateway and Root certificates
6.
Click OK
3.7.3. CA Certificate Requests
To request certificates from a CA server or CA company, the best method is to send a CA
Certificate Request which is a file that contains a request for a certificate in a well known,
predefined format.
Manually Creating Windows CA Server Requests
The NetDefendOS Web Interface (WebUI) does not currently include the ability to generate
certificate requests that can be sent to a CA server for generation of the .cer and .key files required
by NetDefendOS.
It is possible, however, to manually create the required files for a Windows CA server using the
following stages.
•
Create a gateway certificate on the Windows CA server and export it as a file in the .pfx format.
•
Convert the .pfx file into the .pem format.
3.7.3. CA Certificate Requests
Chapter 3. Fundamentals
135
Summary of Contents for NetDefend DFL-260E
Page 27: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 27...
Page 79: ...2 7 3 Restore to Factory Defaults Chapter 2 Management and Maintenance 79...
Page 146: ...3 9 DNS Chapter 3 Fundamentals 146...
Page 227: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 227...
Page 241: ...5 4 IP Pools Chapter 5 DHCP Services 241...
Page 339: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 339...
Page 360: ...7 4 7 SAT and FwdFast Rules Chapter 7 Address Translation 360...
Page 382: ...8 3 Customizing HTML Pages Chapter 8 User Authentication 382...
Page 386: ...The TLS ALG 9 1 5 The TLS Alternative for VPN Chapter 9 VPN 386...
Page 439: ...Figure 9 3 PPTP Client Usage 9 5 4 PPTP L2TP Clients Chapter 9 VPN 439...
Page 450: ...9 7 6 Specific Symptoms Chapter 9 VPN 450...
Page 488: ...10 4 6 Setting Up SLB_SAT Rules Chapter 10 Traffic Management 488...
Page 503: ...11 6 HA Advanced Settings Chapter 11 High Availability 503...
Page 510: ...12 3 5 Limitations Chapter 12 ZoneDefense 510...
Page 533: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 533...