Is there a way to extend the CA certificate used for the IPSec VPN?