6 certificates, 1 certificates, Generate a new certificate – NEXCOM IFA 1610 User Manual

Copyright © 2014 NEXCOM International Co., Ltd. All Rights Reserved.

IFA 3610/IFA 2610/IFA 1610 User Manual

Chapter 7: The VPN Menu

72

7.6 Certificates

The Certificates page allows the management of the certificates that are needed by the various OpenVPN server instances

running on the appliance and is composed of three tabs: Certificates, Certificate Authority, and Revoked Certificates.

7.6.1 Certificates

Here it is possible to manage all the certificates stored on the appliance. The table, initially empty, shows all certificates

along with the following details, one per each column:

▪ Serial. A unique number identifying the certificate.

▪ Name. The name assigned to the certificate.

▪ Subject. The collection of information that identify the certificate. itself. See the options below.

▪ Expiration Date. The final date of validity of the certificate.

▪ Actions. What can be done with the certificate:

▪ - to show all its details.

▪ - to download it in PEM format.

▪ - to download it in PKCS12 format.

▪ - to delete the private key associated to it.

▪ - revoke the certificate.

Above the list, a link can be clicked to Add new certificate. Upon clicking, the page will be replaced by a form that

allows to provide all data necessary to the generation of a new certificate.

At the bottom of the table, on the left-hand side there is a navigation widget, that allows to navigate among the various

pages composing the table, if there are many certificates, whereas on the right-hand side there is a reload widget, used

to refresh the list of certificates.

Add new certificate

Three alternatives are available to store a new certificate on the appliance, selectable from this drop-down menu:

Generate a new certificate, Upload a certificate, and Upload a Certificate signing request.

Generate a new certificate

The first alternative allows to create a new certificate directly on the appliance, by providing the following information.

The capital letters in parentheses show the field of the certificate that will be filled by the value supplied and form the

Subject of the certificate.

Note:

A Root Certificate Authority is needed to create certificates, so create the Root CA before creating certificates.

Common name

The common name (CN) of the certificate’s owner, i.e., the name with which the owner will be identified.

Email address

The e-mail address of the certificate’s owner.

Organizational unit name

The Organisation Unit (OU) to which the owner belongs to, i.e., the company, enterprise, or institution department

identified with the certificate.

Organization name

The organisation (O) to which the owner belongs to.

City

The city (L) in which the organisation is located.

State or province

The state or province (ST) in which the organisation is located.

Country

The Country (C) in which the organisation is located, chosen from those in the selection menu. By typing one or more

letters, matching countries are searched for and displayed.