In order to support multiple certificate hierarchies, LCOS as of version 7.80 allows up to nine PKCS#12 files to be uploaded to the device. Also, further files with individual additional CA certificates can be uploaded, which enclose the certificates either individually or as PKCS#12 containers. All certificate hierarchies can be managed manually or with SCEP, and they can use CRLs.
LANconfig: Device / Configuration management / Upload certificate from file
WEBconfig: File management / Upload certificate or file
The certificates in the device can be viewed in the status area:
WEBconfig: Status / Status / Certificates / Device certificates
The internal file system for the device classifies the device certificates as applications "VPN-1" to "VPN-9".
To use the certificate, either the certificate subject or this abbreviation can be used as "local identity" in the IKE keys of type ASN.1-Distinguished Name.
The abbreviation is entered as "Application" when configuring the certificates for the SCEP client.