06-24-2014 11:42 AM
Hello,
I have an internal Windows CA that we would like to use for SSL/HTTPS decryption within PRSM. I have attempted to export/import all of the different methods I can think of, but I can't seem to get a combination that works with PRSM.
Does anyone have any input, or an article that details the steps for doing so? I've used OpenSSL before for similar things, but for some reason it seems like PRSM is a bit more fussy.
Thanks in advance.
Mark
06-24-2014 03:13 PM
Do I understand the question is how to issue PRSM a certificate using your internal Windows CA (who is a trusted root CA for your users) so that it can apply a decryption policy for SSL traffic without the users having to accept / import and new certificates in to their trusted certificate store?
If so, are you following the process documented here?
07-07-2014 06:30 AM
Hi Marvin,
Thanks for the reply, I've been on vacation for 10 days and just getting back to this now.
You are correct, that's exactly what I am trying to do. I did find that document, but I am having a hard time getting the format correct for the import to work. Should I be creating a certificate within IIS, and then exporting it with the private key and importing it into PRSM?
Thanks,
Mark
07-07-2014 07:29 AM
The thing that confuses me is this line:
"If you request a new certificate from a CA, ensure that you request a certificate that is itself a Certificate Authority. In other words, you need to have a certificate that is enabled for issuing additional “child” certificates."
I'm not sure how to do this, as I've never had to do so.
Thanks,
Mark
07-07-2014 08:10 PM
I believe, to put it in Microsoft's terms, that they want you to issue the CX a certificate using the "subordinate CA" template available on Microsoft's Active Directory Certificate Services' terminology (link to Technet reference).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide