This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intermediate Certificate

Hi, 

i have a SSL Cert signed by Globalsign. Its correctly configured in my apache configuration (cert, key and intermediate). I exported the certificate to the certificate storage of the firewall but how can i use the intermediate certificate?

In some browsers i still get a certificate error depending on the missing intermediate cert in cert chain. 

Anyone an idea?

Thanks (hope my english was not to bad)!


This thread was automatically locked due to age.
Parents
  • In Windows, you can export a certificate with the private key and the certificate chain into a PKCS file, which is what UTM needs.   If you cannot do this, you will have to construct one yourself.

    Download the OpenSSL kit.   The OpenSSL website provides only source code, but has links to other sites that provide pre-built install kits to use at your own risk.

    This command should convert a PKCS#12 format-file to a PEM (PKCS #7 text) file

    <path1>\openssl pkcs12 -in <path2>\<filename>.pfx -out c:\temp\<filename>.pem -nodes

    Append all the .pem files into a single text file using your favorite text editor.

    Then use this command to covert it back to PKCS#12 format.

    <path1>\openssl pkcs12 -export -in <path2>\<filename>.pem -out <filename>_2.pfx

    Then you can load the certificate chain into UTM.

Reply
  • In Windows, you can export a certificate with the private key and the certificate chain into a PKCS file, which is what UTM needs.   If you cannot do this, you will have to construct one yourself.

    Download the OpenSSL kit.   The OpenSSL website provides only source code, but has links to other sites that provide pre-built install kits to use at your own risk.

    This command should convert a PKCS#12 format-file to a PEM (PKCS #7 text) file

    <path1>\openssl pkcs12 -in <path2>\<filename>.pfx -out c:\temp\<filename>.pem -nodes

    Append all the .pem files into a single text file using your favorite text editor.

    Then use this command to covert it back to PKCS#12 format.

    <path1>\openssl pkcs12 -export -in <path2>\<filename>.pem -out <filename>_2.pfx

    Then you can load the certificate chain into UTM.

Children