Using the Web Browser Interface for Advanced Configuration Tasks
Setting Up Virtual Private Networks
14-102
a.
Complete the Set SCEP Parameters section to allow the router to
submit the request and obtain the self certificate automatically:
i.
The URL field should display the CA server's fully-qualified
domain name.
ii. You can enter a SCEP password. Your CA will request this pass-
word when if you ask it to delete the certificate. Enter the
password in the SCEP Challenge Password field. Enter the same
password in the Re-enter field to ensure that you did not miskey it.
iii. You can alter the number of times the Secure Router OS will
attempt to obtain the self certificate by changing the value in the
Number of Retries field. You can also alter the time between
retries.
b. Set parameters for the digital signature in the Select Encryption
Strength section. Select either RSA or DSS from the Encryption
Algorithm pull-down menu. (You must choose the standard that you
chose for the IKE authentication method when configuring the VPN
connection.)
Figure 14-79. Generating a Self Certificate Request