Managing Internal Certificates
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide
In the Certificates > Internal Certificate page you can view details of an internal VPN certificate.
You can also view and reinitialize the certificate of the internal CA that signed the
certificate. The internal CA can also be used to sign external certificates.
Note - This page is available from the Device and VPN tabs.
When you create an internal VPN certificate, or when a certificate that is signed by the
internal CA is used, the CA's certificate must be reinitialized whenever the Internet
connection's IP addresses change.
To avoid constant reinitialization, we recommend you use the DDNS feature. See Device >
DDNS. When DDNS is configured, you only need to reinitialize the certificate once. By default,
changes in the DDNS feature configuration automatically reinitialize certificates.
To reinitialize certificates:
1. Click Reinitialize Certificates.
The Reinitialize Certificates window opens.
2. Enter the Host/IP address.
Normally, the device suggests its own host name (when DDNS is configured) or its
external IP address. If you have multiple Internet connections configured, in load sharing
mode, you can manually enter an accessible IP address for this appliance. This is used
by remote sites to access the internal CA and check for certificate revocation.
3. Select the number of years for which the Internal VPN Certificate is valid.
The default is 3. The maximum value allowed is 20.
4. Click Apply.
Note - The internal VPN certificate expiration date cannot be later than the CA
expiration date.
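To audit the two rules above outside the WebUI, the following added example (not part of the guide and not Check Point code) parses `openssl x509` text output for the VPN certificate and the CA certificate. It assumes both certificates have been exported as PEM files and that the Host/IP entered in step 2 appears in the VPN certificate's CRL distribution point; the function names, the sample output, the addresses and the CRL path are constructed for illustration.

```python
import re
import subprocess
from datetime import datetime, timezone
from urllib.parse import urlparse

def openssl_summary(pem_path):
    """Expiry and CRL distribution points of an exported PEM certificate, as text."""
    cmd = ["openssl", "x509", "-in", pem_path, "-noout",
           "-enddate", "-ext", "crlDistributionPoints"]
    return subprocess.run(cmd, check=True, capture_output=True, text=True).stdout

def parse_summary(text):
    """Return (expiry as an aware datetime, set of hosts/IPs found in CRL URIs)."""
    match = re.search(r"^notAfter=(.+)$", text, re.MULTILINE)
    if match is None:
        raise ValueError("no notAfter line in openssl output")
    expiry = datetime.strptime(match.group(1).strip(), "%b %d %H:%M:%S %Y GMT")
    hosts = {urlparse(uri).hostname for uri in re.findall(r"URI:(\S+)", text)}
    return expiry.replace(tzinfo=timezone.utc), hosts - {None}

def audit(vpn_text, ca_text, current_host):
    """List violations of the page's two rules; an empty list means both hold."""
    vpn_expiry, crl_hosts = parse_summary(vpn_text)
    ca_expiry, _ = parse_summary(ca_text)
    findings = []
    if vpn_expiry > ca_expiry:
        findings.append("VPN certificate expires after the CA certificate")
    if not crl_hosts:
        findings.append("no CRL URI in the VPN certificate")
    elif current_host.lower() not in crl_hosts:
        findings.append("CRL URI points at %s, not %s: reinitialize"
                        % (", ".join(sorted(crl_hosts)), current_host))
    return findings

# Constructed sample output (not captured from a real appliance).
CA_TEXT = "notAfter=Mar  4 09:00:00 2044 GMT\n"
VPN_BY_IP = ("notAfter=Mar  4 09:00:00 2027 GMT\n"
             "X509v3 CRL Distribution Points: \n"
             "    Full Name:\n"
             "      URI:http://203.0.113.10/crl-placeholder.crl\n")
VPN_BY_DDNS = VPN_BY_IP.replace("203.0.113.10", "gw.example.net")

if __name__ == "__main__":
    # The Internet connection's address changed from 203.0.113.10 to 198.51.100.7.
    print(audit(VPN_BY_IP, CA_TEXT, "198.51.100.7"))
    # With DDNS the host name stays valid across address changes.
    print(audit(VPN_BY_DDNS, CA_TEXT, "gw.example.net"))
```

For real files, pass `openssl_summary("vpn.pem")` and `openssl_summary("ca.pem")` (hypothetical file names) to `audit` together with the address or DDNS name that remote sites currently reach.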