Q: How many certificates need to be imported to the SVN3000 for authentication?
At least one CA certificate must be imported for authentication on the SVN3000. Only the client certificate issued by the imported CA certificate can be authenticated. That is, the client certificate must be issued by the CA certificate imported.
A maximum of 1280 CA certificates can be imported on the SVN3000.
In addition, the SVN3000 can import a device certificate, which determines whether the certificate warning dialog box is displayed when the client accesses the SVN3000. The client obtains the information about the certificate issuer from the SVN3000, and checks whether the issuer is trusted or untrusted. If the issuer is untrusted, the certificate warning dialog box is displayed, in which the user can choose to trust the issuer. If the user chooses to trust the certificate issuer, the device certificate does not affect the SSL VPN authentication.
Do not import the user certificate of the client to the SVN3000.