Follow the steps outlined here to perform this function:
1. Click Start, Run, type MMC, and click OK.
2. Select File, Add/Remove Snap-in.
3. Click the Add button.
4. Select Certificates from the snap-in list, as shown in Figure 9.23, and then click Add.
256 CHAPTER 9 Enabling Client Remote Access with ISA Server 2006 VPNs
5. Select Computer Account, click Next, then Finish.
6. Select Certificates from the snap-in list and click Add.
7. Select My User Account, click Finish, and then click Close.
8. Save the MMC.
One MMC console can be set up to manage all the different systems that require certificates.
This option is usually not available because the VPN server is protected with a firewall,
so the certificates may have to be transferred on portable, erasable media.
CAUTION
The certificates that are to be exported contain both the private and public key. It is
extremely important to make sure the process that is used to transfer the certificates
from one system to another is secure and the media is destroyed afterward.
Compromising the private key can render the encryption used in the VPN tunnel useless.
In many cases, this transfer takes place at a trusted location, such as a laptop
staging area of a help desk, to avoid compromise of the key.
Pages:
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452