Chapter 3 Using certificates 71
Configuring the Contivity VPN Client
The actual message is "The Server's Certificate has been revoked, or could not be
validated. Please check with your remote access administrator. The Connection
has been terminated." Be sure that the CRL distribution point is accessible to the
PC after the client tunnel connection is complete. The CRL distribution point
must be reachable by the client. An example CRL distribution point, as defined
from the issuing CA, is http://sf1.certificates.com/CertEnroll/SF1.crl.
Entrust certificate-based authentication
The following sections describe Entrust certificate activities related to the client.
The Contivity VPN Client supports Entrust Version 6.0 for Entrust single login.
The single login feature allows you to automatically authenticate to all
certificate-enabled applications with a single access to your certificate (either an
.epf or .tkn file) during a login session. If you have already presented your
certificate to authenticate one application, you are not prompted to present the
certificate for other applications during the login session.
To use single sign-on:
1 Install the Contivity VPN Client as application.
2 Configure the Contivity Secure IP Services Gateway for an Entrust user.
3 Install the Entrust Entelligent Client.
4 Double-click on the Entrust icon.
5 Log in to the Entrust Entelligent Client.
6 Create an Entrust profile on the Contivity VPN Client. The password field is
grayed out on the Contivity VPN Client because the user is already logged in.
7 Click on Connect to establish VPN connection.
To Next Page
Loading...
