09-20-2008 04:52 PM - edited 02-21-2020 03:01 AM
Hi,
I recently upgraded my CCA servers to 4.1.6 and it wants me to replace the temporary cert on the CAM. I have replaced it with a cert I have signed with my CA and uploaded my CA Cert into the CAM and the CAS.
The CAM is happy, and my web browser will verify the cert, however I can't get communication with between the CAM and CAS to work. Anyone had any luck with this?
09-21-2008 11:44 PM
Hi Peter,
Are your CAS certs signed by the CA too? Is there anything in the CAM log about certificate errors?
Cheers,
09-22-2008 08:44 PM
Hi,
Yes I had loaded my CA cert into NAC as a CA Authority but I found another problem, to do with upgrading to 4.1.6, which is probably giving me grief and I'm waiting for the TAC to solve that one before I try again.
10-06-2008 09:26 PM
Did you find the solution for it.
I am also looking for it it is really a pain to first produce Certificates from any CA server then do this.
10-16-2008 08:41 PM
Got my cert to work after fixing my other problem.
The other problem was a single space after -----End Certificate-----
in the cert I bought for the CAS.
My formulae for creating a self signed cert was
# Create a private key and certificate request # for your own CA:
openssl req -new -newkey rsa:2048 -out ca.csr -keyout ca.key
# Create your CA's self-signed certificate
# Set the days to 3650 so it will last 10 years
openssl x509 -trustout -signkey ca.key -days 3650 -req -in ca.csr -out ca.pem
#edit ca.pem so that the strings
#"TRUSTED CERTIFICATE" read "CERTIFICATE"
# Generate a key for the server Cert
openssl genrsa -out server.key 2048
# Generate a cert signing request for the server
openssl req -new -key server.key -out server.csr
# Sign the request using your CA
# ca.srl contains something like 02
openssl x509 -req -in server.csr -CA ca.pem -days 3650 -CAkey ca.key -CAserial ca.srl -out server.pem
You prolly want to edit your openssl.cnf first and fill in some of the defaults.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: