Avaya Support Forums  

Go Back   Avaya Support Forums > Avaya Networking Products

Thread Tools Search this Thread Display Modes
Old 03-18-2011, 10:50 AM
carlosro carlosro is offline
Aspiring Member
Join Date: Mar 2011
Posts: 1
carlosro has 10 reputation points
Default AVG / NVG 3050 Intermediate Certificates installation.


I have a question about how to install Intermediate certificates. If I already have a Certificate, but then when the times for renewing it comes, the CA provides the new certificate as well as a Intermediate Certificate.

I'm assuming, that I'm supposed to create a new certificate, and then, add this one to the Chain List at the SSL Cert configuration. But when creating a new Cert, the CSR should be submitted, then the key generated for this one. Then I think the key won't match for the Intermediate cert I already have.

Any suggestions about how to do this, or if I'm missing something?.

Thanks in advance,
Reply With Quote
Old 03-22-2011, 04:49 PM
brandonguy brandonguy is offline
Join Date: Mar 2011
Location: Raleigh
Posts: 4
brandonguy has 10 reputation points

which release of the 3050 are you running?

Almost all CA vendors are moving to this newer Intermediate Certificate model. The general answer is there is no problem, but some older software releases can have issues with this new certification model.
Reply With Quote
Old 01-27-2012, 09:04 AM
rshaynes rshaynes is offline
Join Date: Mar 2010
Location: Eastern Time Zone, United States
Posts: 27
rshaynes has 12 reputation points

A late response.

Although some CA vendors require or use Intermediate certificates to complete a certificate chain, you should consider the two as separately managed certificates. A CSR (Certificate Signing Request) generated by the VPN Gateway is for a Server certificate only and will be assigned its own expiration date. Similarly the Intermediate certificate has its own validity period and expiration date.

On the VPN Gateway this would be the equivalent to assigning a separate certificate index (i.e. cert 1) for the Server cert as well as assigning a separate certificate index (i.e. cert 2) for the Intermediate certificate as provided by the CA vendor. The VPN service would then be configured use cert 1 for the Server certificate and cert 2 for the cachain Intermediate certificate.

Most modern browsers include enhancements which allow them to acquire necessary certificates as required without user involvement, including root CA certs as well as Intermediate certificates.
Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT -7. The time now is 06:42 AM.

This Forum is provided solely for the use and convenience of Avaya customers and partners. Use of the Forum is subject to the Terms and Use and Privacy Statement found at www.avaya.com. No other use is permitted. The Forum including all content posted is “AS IS” and Avaya expressly disclaims all warranties and/or guarantees as to its accuracy, reliability, usefulness, quality or non-infringement of intellectual property. Avaya reserves the right to remove any content posted on the Forum at any time and for whatever reason.

Avaya will not be liable for any content posted on this Forum, including, without limitation, any errors or omissions or for any losses or damages of any kind incurred as a result of use or reliance on any content, regardless of its origin.

You expressly understand and agree that you assume all risks associated with use or reliance on this content.