Cisco Systems OL-5490-01 - page 68

6-8

VPN Client User Guide for Mac OS X

OL-5490-01

Chapter6 Enrolling and Managing Certificates

Viewing a Certificate

Figure6-7 Certificate Properties

A typical digital certificate contains the following information:

•Common name—The name of the owner, usually both the first and last names. This field identifies

the owner within the Public Key Infrastructure (PKI organization).

•Department—The name of the owner’s department. This is the same as the organizational unit in the

Subject field.

•Company—The company in which the owner is using the certificate. This is the same as the

organization in the Subject field.

•State—The state in which the owner is using the certificate.

•Country—The 2-character country code in which the owner’s system is located.

•Email—The e-mail address of the owner of the certificate.

•Thumbprint—The MD5 and SHA-1 hash of the certificate’s complete contents. This provides a

means for validating the authenticity of the certificate. For example, if you contact the issuing CA,

you can use this identifier to verify that this certificate is the correct one to use.

•Key size—The size of the signing key pair in bits.

•Subject—The fully qualified distinguished name (FQDN) of the certificate’s owner. This field

uniquely identifies the owner of the certificate in a format that can be used for LDAP and X.500

directory queries. A typical subject includes the following fields:

–

common name (cn)

–

organizational unit, or department (ou)

–

organization or company (o)

–

locality, city, or town (l)

Contents

Main VPN Client User Guide for Mac OS X Page CONTENTS Page Page Page About This Guide Audience Contents Related Documentation Terminology Document Conventions Data Formats Obtaining Documentation Cisco.com Documentation CD-ROM Ordering Documentation Documentation Feedback Obtaining Technical Assistance Cisco.com Technical Assistance Center Cisco TAC Website Cisco TAC Escalation Center Obtaining Additional Publications and Information Understanding the VPN Client Connection Technologies VPN Client Overview VPN Client Features Program Features Page Authentication Features IPSec Features VPN Client IPSec Attributes Page Page Installing the VPN Client Verifying System Requirements Gathering Information You Need Obtaining the VPN Client Software Preconfiguring the VPN Client Preconfiguring the User Profile Preconfiguring the Global Profile Bundling a Root Certificate with the Installation Package for Darwin Installing the VPN Client Authentication Page VPN Client Installation Process Introduction Accepting the License Agreement Selecting the Application Destination Choosing the Installation Type Page Page Page CLI Version Install Script Notes Uninstalling the VPN Client Page Page Navigating the User Interface VPN Client Menu Choosing a Run Mode Operating in Simple Mode VPN Client WindowSimple Mode Main MenusSimple Mode Connection Entries Menu Status Menu Operating in Advanced Mode VPN Client WindowAdvanced Mode Toolbar Action ButtonsAdvanced Mode Main TabsAdvanced Mode Main MenusAdvanced Mode Connection Entries Menu Status Menu Certificates Menu Log Menu Right-Click Menus Connection Entries Tab Right-Click Menu Certificates Tab Right-Click Menu Configuring Connection Entries Creating a Connection Entry Page Authentication Methods Group Authentication Mutual Group Authentication Certificate Authentication Page Transport Parameters Enable Transport Tunneling Transparent Tunneling Mode Allow Local LAN Access Peer Response Timeout Backup Servers Page Page Establishing a VPN Connection Checking Prerequisites Establishing a Connection Page Connecting to a Default Connection Entry Choosing Authentication Methods Shared Key Authentication VPN Group Name and Password Authentication RADIUS Server Authentication SecurID Authentication Using Digital Certificates Enrolling and Managing Certificates Using the Certificate Store Enrolling Certificates Page Page Managing Enrollment Requests Viewing the Enrollment Request Deleting an Enrollment Request Changing the Password on an Enrollment Request Retrying an Enrollment Request Importing a Certificate Viewing a Certificate Page Exporting a Certificate Deleting a Certificate Verifying a Certificate Changing the Password on a Personal Certificate Managing the VPN Client Managing Connection Entries Importing a Connection Entry Modifying a Connection Entry Deleting a Connection Entry Event Logging Enable Logging Clear Logging Set Logging Options Page Opening the Log Window Viewing Statistics Tunnel Details Route Details Notifications Page INDEX A B C D E F G H I K L M N O P Q R S T U V W X