Figure 76 – Avaya 3.7 User Manual

Using advanced features

236 Avaya VPNmanager Configuration Guide Release 3.7

Figure 76: The Policy Manager for My Certificates

To install a signed certificate into a VSU:

1. From the Device>Contents column, select the VSU that needs a Signed Certificate.

2. Click the Policies tab to bring it to the front.

3. From the drop-down list, select My Certificates, then click GO to open the Policy Manager

for My Certificates.

4. Click Generate Certificate Request to open the Save as dialog box.

5. Use the Look in drop-down list to navigate to a directory where you want to save the

certificate request.

6. In the File name text box, type in a name for the Certificate Request, then click Save.

7. The VSU saves a Certificate Request into this new file then update the Maintain Certificates

list with information about the new Certificate Request. The status column for the unsigned
request displays Request Ready. The request exists in the Privacy-Enhanced Mail (PEM)
using PKCS #10 format.

8. Send the Certificate Request to a PKI System.

9. The PKI System must use the Distinguishing Encoding Rules (DER) format for creating the

Signed Certificate.

10. The PKI System creates a Signed Certificate for the VSU.

Figure 77

shows what a

certificate in PEM format looks like (its body has been shortened for the example). Currently
a VSU accepts the certificate delivery formats of PEM, DER, Base64X509, and PKCS#7.