NETGEAR ProSafe SSL312 User Manual

NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual

Installing the SSL312

2-9

v1.1, November 2006

You can obtain a certificate from a well-known commercial Certificate Authority (CA) such as
Verisign or Thawte, or you can generate and sign your own certificate. Because a commercial CA
takes steps to verify the identity of an applicant, a certificate from a commercial CA provides a
strong assurance of the server’s identity. A self-signed certificate will trigger a warning from most
browsers as it provides no protection against identity theft of the server.

Your SSL VPN Concentrator contains a self-signed certificate from NETGEAR. NETGEAR
recommends that you replace this certificate prior to deploying the SSL VPN Concentrator in your
network.

From the Certificates menu, you can view the currently loaded certificates, upload a new
certificate and generate a Certificate Signing Request (CSR).

Obtaining a Certificate from a Certificate Authority

To obtain a certificate from a CA, you must generate a Certificate Signing Request (CSR) for your
SSL VPN Concentrator. The CSR is a file containing information about your company and about
the device that will hold the certificate. Refer to the CA for guidelines on the information you
include in your CSR.

To generate a new Certificate Signing Request (CSR) file: