6 certificate management – HotBrick VPN Client User Manual

HotBrick VPN Client User Manual

Property of HotBrick — 2005

18

4.6 Certificate

management

HotBrick IPSec VPN Client uses X509 certificates with PEM format. This kind of certificates is created with
OpenSSL, not with HotBrick VPN Client.
In order to use X509 Certificates with HotBrick IPSec VPN client, you must have the following items:

• Root certificate
• User certificate
• Private key of the user certificate

The private key must not be encrypted. X509 certificates are used during Phase 1.

4.6.1 How configuring IPSec VPN Client with certificates?

1. Select radio button “Certificate” in the 'Authentication' window and click on “Certificates Mgt”

2. Click on “Browse” and select the appropriate files.

3. Open “Advanced button” and fill Local ID with:

• Type = "DER_ASN1_DN".
• Value = subject user certificate ("Subject:") content like "C=FR, ST=Paris, L=Paris,

O=HotBrick, OU=Internal OpenSSL CA, CN=exemple/[email protected]".