Forum Discussion

Nimbostratus

Jul 29, 2010

SSl chain issue

I recently renewed a certificate on my pair of 1600s, running 9.4.7. The cert shows up as valid for another year and from most logins all is fine. For external customers however, there is an...

config

design

hoolio

Cirrostratus

Jul 30, 2010

You shouldn't specify a key when importing an intermediate or root cert that you're going to use as a chain cert. You should only specify the key for the cert which you are using in the cert and key fields of the client SSL profile.

I'd start with a new client SSL profile. Specify the portal.city.ac.uk.crt and portal.city.ac.uk.key in the cert and key fields. Then in the Chain field, specify the chain cert that you created using 'cat Intermediate.crt portal.city.ac.uk.crt ca-bundle.crt > chain.crt'.

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)