In order to support multiple certificate hierarchies, up to nine PKCS#12 files can be uploaded to the device. Also, further files with individual additional CA certificates can be uploaded, which enclose the certificates either individually or as PKCS#12 containers. All certificate hierarchies can be managed manually or with SCEP, and they can use CRLs.
LANconfig:
The certificates in the device can be viewed in the status area:
WEBconfig:
The internal file system for the device classifies the device certificates as applications "VPN1" to "VPN9".
To use the certificate, either the certificate subject or this abbreviation can be used as "local identity" in the IKE keys of type ASN.1-Distinguished Name.
The abbreviation is entered as "Application" when configuring the certificates for the SCEP client.