Certificates issued by this CA are accepted during authentica-
The function is enabled with
The function is disabled by default.
Certificate Revocation
List (CRL) Checking
Only for Certificate is CA Certificate =
Define the extent to which certificate revocation lists (CRLs) are
to be included in the validation of certificates issued by the own-
er of this certificate.
Possible settings:
: No CRLs check.
: CRLs are always checked.
:,& ! 2@/ .#3 #
(default value): A check is only carried out if a CRL
Distribution Point entry is included in the certificate. This can
be determined under "View Details" in the certificate content.
0# # # ! #3) "!"
: The set-
tings of the higher level certificate are used, if one exists. It is
does not, the same procedure is used as that described under
"Only if a CRL Distribution Point is present".
Force certificate to be
Define that this certificate is to be accepted as the user certific-
ate without further checks during authentication.
The function is enabled with
The function is disabled by default.
It is extremely important for VPN security that the integrity of all certificates manually
marked as trustworthy (certification authority and user certificates) is ensured. The dis-
played "fingerprints" can be used to check this integrity: Compare the displayed values
with the fingerprints specified by the issuer of the certificate (e.g. on the Internet). It is
sufficient to check one of the two values.
Teldat GmbH
10 System Management
bintec Rxxx2/RTxxx2