, there are now many more instances where 2 intermediates are required. The latest type of SSL certificate (Extended Validation SSL) requires the use of a cross certficate in the chain. As such the CSS does not seem to be able to support this configuration and we've seem cases now of either the CSS being rejected by the hosting provider or the certificate being downgraded by the hosting provider. I'd like to enquire how Cisco plans to support a 4 certifcate hirearchy in the future. As an example pick any EV web site ebay/paypal or banks like abk.be and look at the chain with a current version Opera or a non EV web browser like IE 6.0
Re: SSL - More than one intermediate certificate in CSS to suppo
I came across this in Feb when the new E.V. certs became avaialbe. You need to concatenate the root, intermediate and server certificate into one chained certificate. The existing root certs in the browsers certificate store can authenticate the new root certificate which validates the whole chain including the server cert.
Doing it this way means you can have as many certs in the chain as is required.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...