5 barracuda authentication, 6 x509 authentication, Barracuda authentication – Barracuda Networks VERSION SP4 User Manual
Page 144
142 VPN Component Configuration
10.6.5
Barracuda Authentication
The following parameters are available for Barracuda Authentication:
10.6.6
X509 Authentication
The following parameters are available for X509 authentication:
Barracuda Authentication requires a valid certificate file (*.lic). The .lic file must be saved locally on the client
system using it.
List 10–1 Parameters used with Barracuda NG authentication
Parameter
Description
File
Select the certificate (*.lic) file needed for authentication at the VPN server.
Hash
READ-ONLY
After a certificate has been loaded, its hash is displayed in this field.
Certificate File
Password
Only editable if a certificate file has been loaded.
The password for certificate usage can be changed here. Enter the new password and confirm it.
The creation of a Barracuda Authentication related profile can be rudimentary adapted by including an .ini file into the
creation process. If you want to make use of this option, then have a look at 10.6.8 Advanced Settings Tab, page 143
first. Subsequently, refer to 10.6.9 Adaptation of Profile Creation using an .ini file (Barracuda NG Authentication only),
page 146 for further details.
Selecting this method requires a valid X.509 certificate (*.).
List 10–2 Parameters available for use with X509 authentication
Description
Description
Subject
After the X.509 certificate has been selected, its subject is displayed here.
Issuer
Displays the issuer of the selected X.509 certificate.
Use serial number
Defines if the certificate’s serial number gets used in the authentication process.
Valid to
Displays date and time when the X.509 certificate looses validity.
Key specific
Hash value of the certificate file.
Key usage
Value of the KeyUsage keyCertSign bit. Possible values are Exchange (public key exchange) or Signing (digital
signature).
Private Encrypt
Switches encryption procedure (private key for encryption, public for decryption) depending on whether crypto API
is supported or not.
Prompt for user and password
Set to yes to request both, certificate and user/password validation.
Temporary Root Certificate
As soon as a temporary root certificate has been provided by the server, it can be viewed with the menu item
Show …
or deleted with the menu item
Clear
.
Show external X509 Certificate
If an external X.509 certificate has been loaded, its properties can be viewed here.