VPN > Certificates > IPsec Certificates

On this window, you manage IPsec certificates, generate certificate requests, and manage private keys. Installing certificates is the optional Step 2 in configuring an IPsec VPN with IKE and in configuring an L2TP Layer 2 Tunneling Protocol over IPsec VPN.

To see detailed instructions for configuring IPsec VPNs on the Threat Management Services (TMS) zl Module (including an explanation for the figure below), click here.

To see detailed instructions for configuring L2TP over IPsec VPNs on the TMS zl Module (including an explanation for the figure below), click here.

Click the to see the explanation for a field, or click here to see an explanation of all fields.

 

  • Import Certificate 

  • Retrieve Certificate through SCEP Simple Certificate Enrollment Protocol 

  • Subject Name 

  • Trusted Certificate to Verify Certificate 

  • Certificate Type 

  • Encryption Algorithm 

  • Challenge Password 

  • Identifier to Store Private Key 

  • Key Size 

  • Import Private Key 

  • Private Key Identifier 

  • Select Private Key 

  • Generate Private Key 

  • Private Key Identifier 

  • Key Algorithm 

  • Key Size 

  • Generate Certificate Request 

  • Certificate Name 

  • Signature Algorithm 

  • Private Key Identifier 

  • Subject Name 

  • Optional: Subject Alternate Names 

 

 

Submit the certificate request to your CA Certificate Authority. Request that certificate files be returned to you in PEM Privacy Enhanced Mail or DER Distinguished Encoding Rules format. When your CA sends you its CA root certificate, the TMS zl Module’s self certificate, and a CRL Certificate Revocation List, copy the files to your management station. Upload each file as follows:

  • CA root certificateCertificate Authorities tab: click Import Certificate to upload the root certificate.

  • TMS zl Module's self certificateIPsec Certificates tab: click Import Certificate to upload the self certificate.

  • CRLCRL tab: click Import CRL to upload the CRL.