Managing certificates
Certificates are used for all kinds of useful things like decrypting TLS/SSL traffic, authenticating users, and ensuring an SSL VPN is secure. When performing SSL decryption, the firewall needs to have access to a certificate the client will trust so it doesn’t cause a certificate warning in the browser. The firewall will also need to know which root certificate authorities are trustworthy and which ones should cause red flags to pop up. It will need to provide a valid certificate when a VPN client connects to the portal or gateway and the administrator should ideally also be greeted by a friendly lock in the address bar rather than a warning page. All these certificates can be managed from the Device | Certificate management | Certificates menu. As you can see from Figure 5.27, certificates in a chain are automatically sorted so you have immediate visibility of what their relationship is. Several certificates also have a usage.
A Trusted Root CA Certificate...
