SonicOS 7.1 Device Settings
- SonicOS 7.1
- About SonicOS
- About Device Settings
- Managing SonicWall Licenses
- System Administration
- Configuring the Firewall Name
- Enabling Wireless LAN and IPv6
- Changing the Administrator Name and Password
- Configuring Login Security
- Multiple Administrators Support
- Enabling Enhanced Audit Logging Support
- Configuring the Wireless LAN Controller
- Enabling SonicOS API and Configuring Authentication Methods
- Enabling GMS Management
- Configuring the Management Interface
- Client Certificate Verification
- Selecting a Language
- Configuring Time Settings
- Managing Certificates
- Administering SNMP
- Firmware Settings
- Storage
- Restarting the System
- SonicWall Support
About Digital Certificates
A digital certificate is an electronic means to verify identity by a trusted third party known as a Certificate Authority (CA). The X.509 v3 certificate standard is a specification used with cryptographic certificates and allows you to define extensions that you can include with your certificate. SonicWall has implemented this standard in its third-party certificate support.
You can use a certificate signed and verified by a third-party CA to use with an IKE (Internet Key Exchange) VPN policy. IKE is an important part of IPsec VPN solutions, and it can use digital certificates to authenticate peer devices before setting up Security Associations (SAs). Without digital certificates, VPN users must authenticate by manually exchanging shared secrets or symmetric keys. Devices or clients using digital signatures do not require configuration changes every time a new device or client is added to the network.
A typical certificate consists of two sections: a data section and a signature section. The data section typically contains information such as the version of X.509 supported by the certificate, a certificate serial number, information about the user’s public key, the Distinguished Name (DN), validation period for the certificate, and optional information such as the target use of the certificate. The signature section includes the cryptographic algorithm used by the issuing CA, and the CA digital signature.
SonicWall Security Appliances interoperate with any X.509v3-compliant provider of Certificates. SonicWall Security Appliance have been tested with the following vendors of Certificate Authority Certificates:
- Entrust
- Microsoft
- OpenCA
- OpenSSL and TLS
- VeriSign
- About the Certificates Table
- Importing Certificates
- Deleting Certificates
- Generating a Certificate Signing Request
- Configuring Simple Certificate Enrollment Protocol
Was This Article Helpful?
Help us to improve our support portal