Import Certificates to the Shrew Soft VPN Client
If you use certificates for authentication, you must import your certificates to the Shrew Soft VPN Client before you can connect to your network. If you used Policy Manager to generate the .vpn client profile, you do not have to import the certificates manually because Policy Manager automatically embeds the certificate in the .vpn profile when it is generated. Then, when you import the .vpn profile to the Shrew Soft VPN client, the certificates are already included. If you used Fireware Web UI or the CLI to generate the certificates, after you import the end-user profile (.vpn file) you must manually import these certificates:
- cacert.pem — The certificate for the Certificate Authority
- .p12 file — The client certificate file
For instructions to generate the Shrew Soft VPN end-user profile, see Generate Mobile VPN with IPSec Configuration Files.
To manually import certificates:
- Start Shrew Soft VPN Access Manager.
Shrew Soft VPN Access Manager appears.
- Select an end-user profile (.vpn file).
- Click Modify.
The VPN Site Configuration dialog box appears.
- Select the Authentication tab.
The Authentication settings appear, on three tabs.
- Select the Credentials tab.
- In the Server Certificate Authority File text box, type or select the location and file name of the cacert.pem file.
- In the Client Certificate File and Client Private Key File text boxes, type or select the location and file name of the .p12 certificate file.
- Click Save.