Funkwerk Enterprise Communications GmbH
R1xxx/R3xxx/R4xxx
Field
Force certificate to be
trusted
Caution
It is extremely important for VPN security that the integrity of all certificates manually
marked as trustworthy (certification authority and user certificates) is ensured. The dis-
played "fingerprints" can be used to check this integrity: Compare the displayed values
with the fingerprints specified by the issuer of the certificate (e.g. on the Internet). It is
sufficient to check one of the two values.
10.6.1.2 Certificate Request
Registration authority certificates in SCEP
If SCEP (Simple Certificate Enrollment Protocol) is used, your device also supports separ-
ate registration authority certificates.
Registration authority certificates are used by some Certificate Authorities (CAs) to handle
certain tasks (signature and encryption) during SCEP communication with separate keys,
and to delegate the operation to separate registration authorities, if applicable.
When a certificate is downloaded automatically, i.e. if CA Certificate =
is selected, all the certificates needed for the operation are loaded automatically.
If all the necessary certificates are already available in the system, these can also be selec-
ted manually.
Select the Certificate Request button to request or import more certificates.
The menu System Management->Certificates->Certificate List->Certificate Request
consists of the following fields:
Description
•
tings of the higher level certificate are used, if one exists. It is
does not, the same procedure is used as that described under
"Only if a CRL Distribution Point is present".
Define that this certificate is to be accepted as the user certific-
ate without further checks during authentication.
The function is enabled with
The function is disabled by default.
10 System Management
: The set-
.
115