I've got an older CSS-SCA-2FE-K9. We used to get our certs via VeriSign, and than switched to Entrust.
I've repeated this conversion process several times as our Verisign certs expired.
Whenever I've submitted a CSR, I always received a single file back containing the new cert. This time around, I actually received 2 file from Entrust. One is "xxxSSLCert.txt", the other is "xxxCrossCert.txt".
Not bieng familiar with anything "Cross" related, I applied the "SSLCert" file to my SCA, associated it and the corresponding key to my SSL server, and all appears to be fine.
I use the same cert for 3 environments (production, development, and test). I applied the new cert/key to both development and test. The development system works fine, but the Test system has stopped.
When I do a "show ssl sessions" on the SCA, I see the following:
SSL New Accepts - Started (NAS): 5
SSL Reneg - Requested (RR): 0
SSL New Accept/Renegot - Finished (AF): 0
SSL v2 New Accepts - Started (V2AS): 0
SSL v2 New Accept/Renegot - Finished (V2AF): 0
SSL Session Lookup Misses (SLM): 0
Reuse Attempt on Timed Out Session (RATS): 0
Session Removed Due to Full Cache: (SRFC) 0
Session Reuse Actually Done (SRAD): 0
Sorry for the output formatting. But the only counter that increments is the first one. The folks testing the system tell me they see SSL Handshake errors.
I can't figure out why one system works, and the other does not when the only thing that changed was I pointed both SSL servers to the new cert/key pair. If there was an issue with the pair, I would expect some sort of error message.
Like I said, I've done this many times in the past with no problems. It's usually a prett seamless process. The only different thing this time around is I received 2 certs in response to my CSR.
Anybody familair with this siutation? Mayeb somebody could point me in a direction to resolve this...Certificate Groups?!?!?!