...
- For the Certificate type, select Certificate.
- Certificate Authority must be selected as the template.
- Enter any Common Name.
- Assign any private key password.
- Set a validity period.
- You can leave the settings Encryption Algorithm, Key Size and Hash Algorithm in the default.
1.1.3) Next, create a VPN certificate for the headquarters. Modify the following parameters for it and then click Create:
- For the Certificate type, select Certificate.
- Certificate must be selected as the template.
- Assign any private key password.
- Set a validity period.
- Select the VPN CA from step 1.1.2 as the "Signing CA".
- In the CA password field, enter the password that you assigned in step 1.1.2.
- You can leave the settings Encryption Algorithm, Key Size and Hash Algorithm in the default.
1.1.4) Next, create a VPN certificate for the branch office. Modify the following parameters for it and then click Create:
- For the Certificate type, select Certificate.
- Certificate must be selected as the template.
- Assign any private key password.
- Set a validity period.
- Select the VPN CA from step 1.1.2 as the "Signing CA".
- In the CA password field, enter the password that you assigned in step 1.1.2.
- You can leave the settings Encryption Algorithm, Key Size and Hash Algorithm in the default.
1.1.5) Under Certificate management, go to the certificate of the branch office and click the export button.
1.1.6) As the format, select the option PKCS #12 PKCS#12 , enter the passwords and click on Export:
...
1.1.7) Under Certificate management, go to the certificate of the headquarters and click the export button.
1.1.8) As the format, select the option PEM and click on Export.
...
2.1.1) Use a browser to connect to the branch-office Unified Firewall, switch to the menu Certificate Management → Certificates and click on the icon for importing a certificate.
2.1.2) Under Certificate file, select the branch-office certificate, enter the passwords and click on Import:
- Decryption Password: Enter the decryption transport password set in step 1.1.6.
- Password/New Password: Enter a new password. This is used to encrypt the private key after the import.
2.1.3) Import a further certificate. Under Certificate file, select the certificate for the headquarters and click on Import:
| Info |
|---|
There is no need to enter passwords here, because exporting the headquarters certificate does not require passwords to be set. |
2.2) Setting up the VPN connection:
...