Multi-level certificate hierarchies

In order to support multiple certificate hierarchies, up to nine PKCS#12 files can be uploaded to the device. Also, further files with individual additional CA certificates can be uploaded, which enclose the certificates either individually or as PKCS#12 containers. All certificate hierarchies can be managed manually or with SCEP, and they can use CRLs.

LANconfig: Device > Configuration management > Upload certificate from file





The certificates in the device can be viewed in the status area:

WEBconfig: Extras > LCOS menu tree > Status > Certificates > Device-Certificates

The internal file system for the device classifies the device certificates as applications "VPN1" to "VPN9".

To use the certificate, either the certificate subject or this abbreviation can be used as "local identity" in the IKE keys of type ASN.1-Distinguished Name.

Note: Using this abbreviation to reference the certificates allows subjects containing special characters to be used, such as German umlauts. This is not usually possible when working with the command-line interface configuration.

The abbreviation is entered as "Application" when configuring the certificates for the SCEP client.

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo