Below are the steps to follow to create and mange local certificates in Panda GateDefender Integra used to authenticate VPN connections.
Steps to access local certificates
- Go to the Panda GateDefender Integra administration console.
- Click VPN in the main menu and select Digital certificate management. The Certificate management screen shows the local certificates, at the top, and the CA certificates, at the bottom.
The entries showing the status of the local certificates contain the following parameters:
- Name of the certificate.
- Certificate identifier. Common Name of the digital certificate that will be used to identify it. This could be an IP address, an FQDN name or an email address.
- Certificate status. Displays the status of the certificate. If it is a certificate signing request, the console will display CSR. If it has already been signed by a certifying authority (CA), the console will display SIGNED.
- Validity. Period of validity of the certificate displaying start and end dates of this period. If the certificate is inactive, this information will appear empty.
What’s more, a local certificate can be imported, request signature, generated and deleted.
- Import: To import a certificate pending signature or certified with the private key, follow the steps below:
- Select if you want to Import a certificate pending signing or Import a certificate with private key issued by a CA
- If you select Import certificate with private key, enter your Username and Password to identify yourself locally and be able to read the private key
- Click on Browse… to select the certificate you want to import
- Click on Import once you have chosen a certificate to include it in the list. If you want to exit installation without saving the changes, click on Cancel.
- Request signature: If you want a certificate to be signed by a CA, click on Request signature. This will generate a CSR (Certificate Signing Request) to be sent to a CA.
- Generate: To generate digital certificates used for authentication, click on Generate. A screen appears where you can complete the fields required:
- Name. Local certificate identifier.
- Identifier type. This could be an IP address, an FQDN name (fully-qualified domain name) or an email address.
- Certificate identifier. Common Name of the digital certificate that will be used to identify it. This could be an IP address, an FQDN name (fully qualified domain name) or an email address.
- RSA key length. Select the length of your RSA key.
You can also add the following information:
- Organizational unit (Department).
- Organization (Company
- Email address
- View: If you want to see more details about the certificate, select it and click on View.
- Delete: To eliminate the certificate, select it and click on Delete.