Melissa_Good_10
Nov 07, 2008

Two SSL providers - intermediate certificates

Hello.

I have two Big IP v9 in redundant configuration. We are handling the SSL certificates for the company websites - however, we have SSL certificates from both Network Solutions and Verisign. We have installed the intermediate certificate from Verisign for the sites having that provider's certs, and it's working fine. However, we also need to install an intermediate certificate for the one Network Solutions site.

If we try to create a second intermediate certificate with a name other than 'intermediate' it will not allow us, and creating that twice will overwrite the original.

Is there a way to do this? Or should we just get the certificate reissued by Verisign to match the others?

Thanks for any advice.

3 Replies

  • Hello,

    We named the Verisign intermediate "verisign_intermediate_ca_bundle". Maybe you could try a name like "networksolutions_intermediate_ca_bundle"?

    HTH :-)

    bsdpruegelknabe
  • bsdpruegelknabe's suggestion should work fine to allow you to create a new cert bundle.

    Did you get an error from the GUI when trying to save it with a different name? What was the error?

    Aaron
  • Hey Merwolf,

    Here is the good news: you are running 9.X, which means you are allowed to select any ICA.

    Here is some background info that I would like to share for the benefit of the newbies that might stumble across this post.

    We normally have a 3-tier architecture:

    Root Cert
    |
    ---- Intermediate Certificate
         |
         ------------ Certificate Issued to the Site/Person

    The Root authorities are very few and they delegate their rights to the ICA, from which we most likely use the ICA (Verisign is a Root CA).

    Now when you install the certificates, you have to use client SSL profiles to bind them to the Virtual Servers.

    When you create the new profile, you would find the option of ICA and trusted CA authority.

    Here is what you can try: log in to the LB in the GUI and click on Local Traffic --> SSL Certificates.

    Click on Import and import the cert which is shown as the tier 2 certificate.

    You would have generated a CSR (Certificate Signing Request) that will create the key.

    Import the new cert matching the key, which you get from the CA.

    Define your new SSL profile:

    
    profile testcert {
      key "www.example.com-key"
      cert "www.example.com-crt"
      ca "TrustedCAwhichyouimported.crt"
    }
    

    The one given above is a mere example. In case you have to define the top level as well, that can also be done.

    This would work as per your needs. If you face problems using this, then we can modify the existing "intermediate-ca.crt" using openssl x509 tools to accept the new cert. Please try it out and let me know.
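
An added example, not code from any of the posters: it reproduces the situation in this thread offline with `openssl`, showing that a single intermediate file overwritten by the second provider's certificate breaks the first provider's sites, while a combined bundle validates both. The two CA hierarchies are constructed throwaway ones, and every name (`provA`, `provB`, `overwritten.crt`, `combined.crt`) is hypothetical.

```shell
#!/bin/sh
# Constructed lab: two throwaway CA hierarchies ("provA", "provB") stand in for
# the two providers. Every name and file here is hypothetical.
set -e
W=$(mktemp -d)
trap 'rm -rf "$W"' EXIT
cat > "$W/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = ca
[dn]
[ca]
basicConstraints = critical,CA:TRUE
EOF

# newreq NAME SUBJECT: fresh key and CSR in $W
newreq() {
  openssl req -new -config "$W/ca.cnf" -newkey rsa:2048 -nodes -subj "$2" \
    -keyout "$W/$1.key" -out "$W/$1.csr" 2>/dev/null
}
# sign NAME ISSUER [x509 options]: issue $W/NAME.crt from $W/NAME.csr
sign() {
  n=$1; ca=$2; shift 2
  openssl x509 -req -in "$W/$n.csr" -CA "$W/$ca.crt" -CAkey "$W/$ca.key" \
    -CAcreateserial -days 2 -out "$W/$n.crt" "$@" 2>/dev/null
}
# make_chain PROVIDER: root -> intermediate -> site certificate
make_chain() {
  openssl req -x509 -config "$W/ca.cnf" -newkey rsa:2048 -nodes -days 2 \
    -subj "/CN=$1 Root" -keyout "$W/$1-root.key" -out "$W/$1-root.crt" 2>/dev/null
  newreq "$1-int" "/CN=$1 Intermediate"
  sign "$1-int" "$1-root" -extfile "$W/ca.cnf" -extensions ca
  newreq "$1-site" "/CN=www.$1.example"
  sign "$1-site" "$1-int"
}
# chain_ok SITE BUNDLE ROOT: true only if BUNDLE holds the intermediate SITE needs
chain_ok() {
  openssl verify -CAfile "$W/$3.crt" -untrusted "$W/$2" "$W/$1.crt" >/dev/null 2>&1
}

make_chain provA; make_chain provB
cp "$W/provB-int.crt" "$W/overwritten.crt"   # second import replaced the first
cat "$W/provA-int.crt" "$W/provB-int.crt" > "$W/combined.crt"
for b in overwritten.crt combined.crt; do
  for p in provA provB; do
    if chain_ok "$p-site" "$b" "$p-root"; then r=OK; else r=BROKEN; fi
    echo "$p-site with $b: $r"
  done
done
```

The same `openssl verify -untrusted` check can be run against a real site certificate and the provider's published intermediate before the bundle is assigned to a profile.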