Installing a certificate

Last Updated : Nov 20, 2014 |

The SSL VPN service uses digital certificates to verify the identity of the devices at each end of the SSL VPN tunnel. This procedure describes how to install a certificate in the IP Office trusted certificate store.

Manager contains a menu option that allows you to restore the default security settings in IP Office. If you restore your default security settings and the SSL VPN service does not reconnect with the AVG after a few minutes, then you need to re-add the certificate in the trusted certificate store.

Similarly, the Security Manager application allows you to delete the certificate from the trusted certificate store. If you delete the certificate using Security Manager and the SSL VPN service was already connected with AVG, the SSL VPN service disconnects the next time that the tunnel renegotiates the secret key. This renegotiation occurs every 8 hours by default, and may occur at a different interval depending on the settings configured in the AVG. When the SSL VPN service disconnects during a renegotiation, or if you disable the service before the next renegotiation occurs, you cannot enable the SSL VPN service again until you have installed the required certificate in the trusted certificate store.

Before you begin

You must install one of the following types of certificate:

  • the self-signed AVG certificate of the VPN portal the IP Office SSL VPN service connects to

  • the certificate of the CA that signed the AVG certificate

Procedure

  1. Select File > Advanced > Security Settings.

    A dialog box lists the IP Office systems.

  2. Click the checkbox to select the IP Office system where you want to install the certificate.
  3. Click OK.

    A dialog box displays.

  4. In the Service User Name field, enter the user name of the IP Office administrator.
  5. In the Service User Password field, enter the password of the IP Office administrator.
  6. Click OK.

    The credentials are accepted.

  7. In the navigation panel, select Security > System and select the configuration name.
  8. On the Certificates tab, click Add.

    A dialog box displays, prompting you to select a source for the certificate.

  9. Select Paste from clipboard and click OK.

    A dialog box opens to capture the text of the certificate.

  10. Copy your certificate and paste the text into the open window. You must include the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.
  11. Click OK.

    The certificate name displays in the Installed Certificates list.

Related information
Configuring an SSL VPN for Avaya partner support