User's Manual
Table Of Contents
- Reference Manual for the NETGEAR ProSafe VPN Client
- Contents
- Chapter 1 About This Manual
- Chapter 2 Introduction
- Chapter 3 Installation
- Chapter 4 Configuring L2TP Connections
- Chapter 5 Using the Security Policy Editor
- What is the Security Policy Editor?
- Basic Steps to Configure a Security Policy
- How to Secure All Connections
- How to Configure Global Policy Settings
- How to Configure Other Connections
- How to Add and Configure a Connection
- How to Enter a Preshared Key
- How to Configure a Gateway
- Configure My Identity
- Configure Security Policy Connection Options
- Configure Authentication (Phase 1)
- Configure Key Exchange (Phase 2)
- Edit a Distinguished Name
- Configure and Manage Connections
- Manage Proposals
- Manage Redundant Gateways
- Manage the Security Policy
- Chapter 6 Using the Certificate Manager
- What is the Certificate Manager?
- Obtain Certificates
- With Online (SCEP) Enrollment
- CAs that Support SCEP
- Retrieve a CA Certificate Online
- Configure a CA Certificate
- Use an HTTP Proxy Server for Online Certificate Requests and CRL Updates
- Import a CA Certificate
- Select a CSP
- Request a Personal Certificate
- Define How Often to Check for and Retrieve New Personal Certificates
- Retrieve a Personal Certificate Manually
- Manage Certificate Requests
- With Manual (File-Based) Enrollment
- Obtain Certificates Through Internet Explorer
- With Online (SCEP) Enrollment
- Manage Certificates
- Manage Certificate Revocation Lists (CRLs)
- Manage the Trust Policy
- Chapter 7 Using Sessions
- Chapter 8 Distributing Customized Profiles
- Chapter 9 Troubleshooting
- Appendix A Networks, Routing, and Firewall Basics
- Appendix B Virtual Private Networking
- Appendix C NETGEAR ProSafe VPN Client to NETGEAR FVS318 or FVM318 VPN Routers
- Appendix D NETGEAR VPN Client to NETGEAR FVL328 or FWAG114 VPN Router
- Glossary
- Index
Reference Manual for the NETGEAR ProSafe VPN Client
Using the Certificate Manager 6-5
202-10015-01
Table 6-1.
Retrieve a CA Certificate Online
Before you can request a personal certificate online, you must retrieve a CA certificate—root or
subordinate—online. For a list of the CAs that offer online retrieval, go to CAs that support SCEP.
When you retrieve a CA certificate online, the CA may also include registration authority (RA)
certificates, which you can view or verify in the Certificate Manager.
Note: If you access the Internet through a firewall, make sure that the Use HTTP proxy server for
online certificate requests and CRL updates check box check box is selected on the Certificate
Settings dialog box in the Security Policy Editor.
1. In the Certificate Manager, click the tab for the CA certificate type to retrieve:
• For a root CA certificate, Root CA Certificates
• For a subordinate CA certificate, CA Certificates
2. Click Retrieve CA Certificate. The Retrieve CA Certificate Online dialog box opens.
3. In the CA Domain box, type the CA's domain name, such as abc123.com.
4. In the Online Certificate Server box, type the complete URL, including the schema, such as
http://, of the CA's certificate server.
5. Unless your network security administrator instructs you otherwise, leave the Place
certificate in local machine store check box selected (the default). This adds the certificate to
the store for all users who log on to this computer (local machine).
Caution! In Windows NT and Windows 2000 and XP, you must be logged on as
administrator or its equivalent to add this certificate to the local machine store.
Certificate Authority Telephone Web site
Entrust Technologies, Inc (972) 943-7300
www.entrust.com
iPlanet (888) 786-8111
www.iplanet.com
Microsoft Corporation (425) 882-8080
www.microsoft.com
RSA Security (Keon) (877) 772-4900
www.rsasecurity.com
VeriSign, Inc. (650) 961-7500
www.verisign.com