AVG / NVG 3050 Intermediate Certificates installation.

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • carlosro
    Aspiring Member
    .
    • Mar 2011
    • 1
    #1

    AVG / NVG 3050 Intermediate Certificates installation.

    Hi,

    I have a question about how to install Intermediate certificates. If I already have a Certificate, but then when the times for renewing it comes, the CA provides the new certificate as well as a Intermediate Certificate.

    I'm assuming, that I'm supposed to create a new certificate, and then, add this one to the Chain List at the SSL Cert configuration. But when creating a new Cert, the CSR should be submitted, then the key generated for this one. Then I think the key won't match for the Intermediate cert I already have.

    Any suggestions about how to do this, or if I'm missing something?.

    Thanks in advance,
    Tags: None
  • brandonguy
    Member
    .
    • Mar 2011
    • 4
    #2
    which release of the 3050 are you running?

    Almost all CA vendors are moving to this newer Intermediate Certificate model. The general answer is there is no problem, but some older software releases can have issues with this new certification model.
    Brandon Guy | Systems Engineer | Avaya | Carolinas

    Comment

    • rshaynes
      Whiz
      .
      • Mar 2010
      • 27
      #3
      A late response.

      Although some CA vendors require or use Intermediate certificates to complete a certificate chain, you should consider the two as separately managed certificates. A CSR (Certificate Signing Request) generated by the VPN Gateway is for a Server certificate only and will be assigned its own expiration date. Similarly the Intermediate certificate has its own validity period and expiration date.

      On the VPN Gateway this would be the equivalent to assigning a separate certificate index (i.e. cert 1) for the Server cert as well as assigning a separate certificate index (i.e. cert 2) for the Intermediate certificate as provided by the CA vendor. The VPN service would then be configured use cert 1 for the Server certificate and cert 2 for the cachain Intermediate certificate.

      Most modern browsers include enhancements which allow them to acquire necessary certificates as required without user involvement, including root CA certs as well as Intermediate certificates.

      Comment

      Previous template Next
      Loading