Local User
You must select a local user to associate this certificate with here. By doing so the user may download everything they need to create the IPsec VPN from Userpass.

This solves the infamous "key distribution problem". All you (the administrator) needs to do is create the certificate. You can let your users get the certificates themselves over a secure channel.

Please refer to your EnGarde documentation for more information on this subject.