Hi In IKE, how do we manage the certificates in digital signature authentication? Is it ok if we get the certificates of peers out of band, say by e-mail from the peer itself and use them ? or do we need to get the certificate chain from the CA ? And is there any protocol to manage the certificate repository ? Thanks in advance, Kalyan.