The following components must be available in a LANCOM for the establishment of VPN connections that are secured by certificate.
- The Root CA's certificate with the CA's public key
- A certificate for its own device with its own public key and the confirmation of identity. The hash value for this certificate is signed with the CA's private key.
- Its own private key
If you have followed the instructions for issuing certificates with a Windows CA and their export, then this information will now be available in the form of a combined PKCS#12 file. Alternatively you have used a different method and the individual components are available as separate files.
Note: The certificate file can at this time only be uploaded to the devices with WEBconfig. Make
sure that you use an HTTPS connection as the passphrase for the PKCS#12 file is transmitted
unencrypted
- Use WEBconfig to log on to the required device; you will need administrator rights.
- Select the entry for Upload Certificate or File.
- Select the components that you wish to upload to the device:
- Root certificate
- Device certificate
- Private key for the device
- PKC#12 file with a combination of root certificate, device certificate and private key
Note: The relevant password must be entered depending on the type of file to be uploaded.The uploaded files can then be viewed in a list under LCOS menu tree / Status / File system / Content .
Note: A combined PKCS#12 file is divided up into the necessary components upon upload.