User's Manual
Table Of Contents
- Reference Manual for the NETGEAR ProSafe VPN Client
- Contents
- Chapter 1 About This Manual
- Chapter 2 Introduction
- Chapter 3 Installation
- Chapter 4 Configuring L2TP Connections
- Chapter 5 Using the Security Policy Editor
- What is the Security Policy Editor?
- Basic Steps to Configure a Security Policy
- How to Secure All Connections
- How to Configure Global Policy Settings
- How to Configure Other Connections
- How to Add and Configure a Connection
- How to Enter a Preshared Key
- How to Configure a Gateway
- Configure My Identity
- Configure Security Policy Connection Options
- Configure Authentication (Phase 1)
- Configure Key Exchange (Phase 2)
- Edit a Distinguished Name
- Configure and Manage Connections
- Manage Proposals
- Manage Redundant Gateways
- Manage the Security Policy
- Chapter 6 Using the Certificate Manager
- What is the Certificate Manager?
- Obtain Certificates
- With Online (SCEP) Enrollment
- CAs that Support SCEP
- Retrieve a CA Certificate Online
- Configure a CA Certificate
- Use an HTTP Proxy Server for Online Certificate Requests and CRL Updates
- Import a CA Certificate
- Select a CSP
- Request a Personal Certificate
- Define How Often to Check for and Retrieve New Personal Certificates
- Retrieve a Personal Certificate Manually
- Manage Certificate Requests
- With Manual (File-Based) Enrollment
- Obtain Certificates Through Internet Explorer
- With Online (SCEP) Enrollment
- Manage Certificates
- Manage Certificate Revocation Lists (CRLs)
- Manage the Trust Policy
- Chapter 7 Using Sessions
- Chapter 8 Distributing Customized Profiles
- Chapter 9 Troubleshooting
- Appendix A Networks, Routing, and Firewall Basics
- Appendix B Virtual Private Networking
- Appendix C NETGEAR ProSafe VPN Client to NETGEAR FVS318 or FVM318 VPN Routers
- Appendix D NETGEAR VPN Client to NETGEAR FVL328 or FWAG114 VPN Router
- Glossary
- Index
Reference Manual for the NETGEAR ProSafe VPN Client
Using the Certificate Manager 6-13
202-10015-01
Request a Personal Certificate
After you retrieve or import a CA certificate, you must request a personal certificate from this CA.
If your client was installed with a CA certificate, the Online Certificate Request or File-based
Certificate Request dialog box opens automatically the first time your computer restarts after client
installation.
When the CA supports SCEP, submit the request online. For CAs that don't support SCEP, create a
certificate request to submit to the CA manually.
Note: If you requested your CA certificate manually from CA that supports SCEP, and want to
request a personal certificate online, configure the CA certificate before requesting the personal
certificate.
1. In the Certificate Manager, click the My Certificates tab.
2. Click Request Certificate. The Online Certificate Request or File-based Certificate
Request dialog box opens.
3. For online certificate requests only: In the Enrollment method group, make sure that Online is
selected.
4. In the Subject Name group, complete the personal information boxes, as required by the CA.
Note: To use LDAP format when completing these boxes, select the Enter Subject Name in
LDAP format check box, and then go to Edit a distinguished name.
5. If this CA requires it, complete at least one box in the Subject Alternate Name group,
according to the CA's instructions. These boxes may be completed automatically.
6. For online certificate requests only: In the Online Request Information group, take these
steps:
a. In the Challenge Phrase box, type an alphanumeric character string for the CA to confirm
your identity with if you ask to revoke your certificate. The CA makes sure that you are
the person the certificate says you are before rescinding your certificate. Record this
phrase.
b. In the Confirm Challenge box, retype the challenge phrase.
c. In the Issuing CA list, click the CA you are requesting the certificate from.
Caution: Make this selection carefully; you can't reverse your decision later.