ProSafe VPN Firewall 200 FVX538 Reference Manual
Virtual Private Networking 5-27
v1.0, August 2006
2. For additional status and troub leshooting informa tion, right-click on the VPN client icon Logs
and Connection Status screens in the FVX538.
Certificate Authorities
Digital Self Certificates are used to authenticate the identity of users and systems, and are issued
by various CAs (Certification Authorities). Digital Certificates are used by this router during the
IKE (Internet Key Exchange) authentication phase as an alternative authentication method. Self
Certificates are issued to you by various CAs (Certification Authorities).
Each CA also issues a CA Identity certificate shown in the Trusted Certificates (CA
Certificates) table. This Certificate is required in order to validate communication with the CA. It
is a three-step process. First, you generate a CA request; then, when the request is granted, you
upload the Self Certificate (shown in the Active Self Certificates table) and then you upload the
CA Identity certificate (shown in the Trusted Certificates table.
The Trusted Certificates table lists the certificates generated and signed by a publicly known
organ ization or authority called the Certificate Authority. The table lists the certificates of each CA
and contains the following data:
•CA Identity (Subject Name). The organization or person to whom the certificate is issued.
•Issuer Name. The name of the CA that issued the certificate.
•Expiry Time. The date after which the certificate becomes invalid
Figure 5-23