Just a related question? What kind of hardware is required for a
E-Token. Is this some special hardware?....Ramki
fwguru wrote:
Marius,
Import the .p12 file and dont select the "enable strong" option. You will
not be asked for a pass. SecureClient will have the password filed
blanked-out. You should not need the cert pass. I dont recommend doing
that, as probably many on this list would too. I would always get the cert
and private off of the machine and onto an E-Token.
After importing the cert, you can have the private stored onto an E-Token
instead of the CAPI store. I use E-Token everday with certs. Works great
with SecureClient and SSL Network Extender. You could even log onto a
Windows network with it using a cert or an extremely long, randomly
generated password that you dont need to know what it is.
The cert can be stolen even if not marked as exportable if the .p12 file is
still on the disk. ;)
Neil Delacruz
On 1/18/06, Ray <[EMAIL PROTECTED]> wrote:
And "as secure as the Windows logon pasword is".
Ray
From: Janis Myers <[EMAIL PROTECTED]>
Reply-To: Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM>
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: Re: [FW-1] Secure Client question
Date: Wed, 18 Jan 2006 07:54:55 -0800
Sure you can! Under Windows doubleclick the
certificate file (*.p12 file) and import it to your
Certificate Store (MyStore) of Windows XP for example.
During this procedure you have to specify your
certificate password/pin.
Then you can use the SecureClient with this
certificate for authentication. You are able to find
your Certificate in the pull down list of the
SecureClient. You can use it without putting in the
password again. The MyStore from Windows XP is secure
(as secure as MS$ is).
HTH
Regards,
Janis
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
