Filter
Top Products
SONICWALL SONICOS ENHANCED 2.5 ADMINISTRATOR’S GUIDE
197
VPN>CA Certificates
3
Click Import Certificate to import the certificate into the SonicWALL security appliance. Once it is
imported, you can view the Certificate Details.
Certificate Details
The Certificate Details section lists the following information:
• Certificate Issuer
• Subject Distinguished Name
• Certificate Serial Number
• Expires On
• CRL Status
The Certificate Issuer, Certificate Serial Number, and the Expiration Date are generated by the
CA service. The information is used when a Generate Certificate Signing Request is created and
sent to your CA service for validation.
Delete This Certificate
To delete the certificate, click Delete This Certificate. You can delete a certificate if it has expired or
if you decide not to use third party certificates for VPN authentication.
Certificate Revocation List (CRL)
A Certificate Revocation List (CRL) is a way to check the validity of an existing certificate. A
certificate may be invalid for several reasons:
• It is no longer needed.
• A certificate was stolen or compromised.
• A new certificate was issued that takes precedence over the old certificate.
If a certificate is invalid, the CA may publish the certificate on a Certificate Revocation List at a
given interval, or on an online server in a X.509 v3 database using Online Certificate Status Protocol
(OCSP). Consult your CA provider for specific details on locating a CRL file or URL.
9
Tip: The SonicWALL security appliance supports obtaining the CRL via HTTP or manually
downloading the list.