User - Certificates
What can I do here?
Use this window to create, edit and cancel user certificates.
|
Getting Here - Object Explorer Categories > Users > Users > Select User > Edit > Certificates
|
Managing Certificates
Check Point VPN lets you define many certificates for each user. This lets users connect from different devices without the necessity to copy or move certificates from one device to another. Users can also connect from different devices at the same time.
There are two basic procedures for creating and authenticating using remote access VPN certificates:
Sending a P12 File:
- The administrator creates a p12 certificate file and sends it to users.
- The user saves the p12 file on the device and specifies the certificate using a remote VPN Client.
- Users authenticate by entering a certificate password when starting a remote access VPN connection.
Using a Registration key:
- The administrator creates a registration key and sends it to the user.
- The user enrolls the certificate by entering the registration key in a Remote Access VPN client. The user can optionally save the p12 file to the device. The user must do this in an administrator-defined period of time.
- End users authenticate using this certificate. A password can also be required according to the security policy settings. If the user saves the p12 file to the device, a password is always necessary.
Tell me about the fields...
- - Show all certificates or only active certificates. Active certificate are valid for enrollment and for renewed certificates. Renewed certificates are automatically revoked one week after renewal.
- - Create a new certificate.
- - Change an existing certificate.
- - Cancel an existing certificate.
Certificate Options
- - Show all certificates or only active certificates. Active certificate are valid for enrollment and for renewed certificates. Renewed certificates are automatically revoked one week after renewal.
- - Create a new certificate.
- - Change an existing certificate.
- - Cancel an existing certificate.
