Cisco Systems OL-5490-01 - page 63

6-3

VPN Client User Guide for Mac OS X

OL-5490-01

Chapter6 Enrolling and Managing Certificates

Enrolling Certificates

Figure6-2 Online Certificate Enrollment

Step4 Enter the enrollment parameters.

•For online enrollment enter:

–

Certificate Authority—The Common name or the Subject name of the CA Certificate. This

drop-down list contains a history of previously enrolled CA certificates. If you select a CA from

this list, the CA URL and the CA Domain fields are pre-populated. For <New> online

enrollments, you must enter the CA URL and the CA Domain manually.

–

CA URL—The URL or network address of the CA. For example,

http://198.162.41.9/certsrv/mcep/mcep.dll.

–

CA Domain—The CA's domain name. For example, qa2000.com.

–

Challenge Password—Some CAs require that you enter a password to access their site. Enter

this password in the Challenge Password field. Obtain the challenge password from your

administrator or from the CA.

–

New Password—The password for this certificate. Each digital certificate is protected by a

password. If you create a connection entry that requires a digital certificate for authentication,

you must enter the certificate password each time you attempt a connection.

•For file enrollment enter:

–

File encoding type of the output file.

Base-64—The default, is an ASCII-encoded PKCS10 file that you can display because it is in

a text format. Use this type when you want to cut and paste the text into the CA's website.

Binary—a base-2 PKCS10 (Public-Key Cryptography Standards) file. You cannot display a

binary-encoded file

��

Filename—The full pathname for the file request. For example,

/Users/Anna/Documents/Certificates/mycert.p10.

–

New Password—The password for this certificate. Each digital certificate is protected by a

password. If you create a connection entry that requires a digital certificate for authentication,

you must enter the certificate password each time you attempt a connection.

Contents

Main VPN Client User Guide for Mac OS X Page CONTENTS Page Page Page About This Guide Audience Contents Related Documentation Terminology Document Conventions Data Formats Obtaining Documentation Cisco.com Documentation CD-ROM Ordering Documentation Documentation Feedback Obtaining Technical Assistance Cisco.com Technical Assistance Center Cisco TAC Website Cisco TAC Escalation Center Obtaining Additional Publications and Information Understanding the VPN Client Connection Technologies VPN Client Overview VPN Client Features Program Features Page Authentication Features IPSec Features VPN Client IPSec Attributes Page Page Installing the VPN Client Verifying System Requirements Gathering Information You Need Obtaining the VPN Client Software Preconfiguring the VPN Client Preconfiguring the User Profile Preconfiguring the Global Profile Bundling a Root Certificate with the Installation Package for Darwin Installing the VPN Client Authentication Page VPN Client Installation Process Introduction Accepting the License Agreement Selecting the Application Destination Choosing the Installation Type Page Page Page CLI Version Install Script Notes Uninstalling the VPN Client Page Page Navigating the User Interface VPN Client Menu Choosing a Run Mode Operating in Simple Mode VPN Client WindowSimple Mode Main MenusSimple Mode Connection Entries Menu Status Menu Operating in Advanced Mode VPN Client WindowAdvanced Mode Toolbar Action ButtonsAdvanced Mode Main TabsAdvanced Mode Main MenusAdvanced Mode Connection Entries Menu Status Menu Certificates Menu Log Menu Right-Click Menus Connection Entries Tab Right-Click Menu Certificates Tab Right-Click Menu Configuring Connection Entries Creating a Connection Entry Page Authentication Methods Group Authentication Mutual Group Authentication Certificate Authentication Page Transport Parameters Enable Transport Tunneling Transparent Tunneling Mode Allow Local LAN Access Peer Response Timeout Backup Servers Page Page Establishing a VPN Connection Checking Prerequisites Establishing a Connection Page Connecting to a Default Connection Entry Choosing Authentication Methods Shared Key Authentication VPN Group Name and Password Authentication RADIUS Server Authentication SecurID Authentication Using Digital Certificates Enrolling and Managing Certificates Using the Certificate Store Enrolling Certificates Page Page Managing Enrollment Requests Viewing the Enrollment Request Deleting an Enrollment Request Changing the Password on an Enrollment Request Retrying an Enrollment Request Importing a Certificate Viewing a Certificate Page Exporting a Certificate Deleting a Certificate Verifying a Certificate Changing the Password on a Personal Certificate Managing the VPN Client Managing Connection Entries Importing a Connection Entry Modifying a Connection Entry Deleting a Connection Entry Event Logging Enable Logging Clear Logging Set Logging Options Page Opening the Log Window Viewing Statistics Tunnel Details Route Details Notifications Page INDEX A B C D E F G H I K L M N O P Q R S T U V W X