Jump to content


Photo

extended Validation certificates

EV Certificates WAF

  • Please log in to reply
3 replies to this topic

#1 Arnaud Thoen

Arnaud Thoen
  • Members
  • 2 posts

Posted 15 October 2012 - 10:11 AM

Hi,

We are using the WAF to secure some websites.
i have a Instant SSL service directing to my domain interviewtechnolgy.com I have an Geotrust SSL certificate with EV (extended validation).

i know that when i use a EV certificate that i have to load aditional certificate from the issuer (in my case Geotrust).

I have uploaded the SSL certificate to the WAF ( BASIC --> CERTIFICATES --> UPLOAD) and checked that the certificate is availible in the service.
I have uploaded the additional EV issuers certficates from geotrust ( BASIC --> CERTIFICATES --> UPLOAD TRUSTED CERTIFICED), and these are check in the service.

i created the Instant SSL service, edited the service to checkboxed the two EV certificates, but when i do a check for the SSL service by verious websites it tells me that something is wrong:
You may need to install an Intermediate/chain certificate to link it to a trusted root certificate

Can someone help me out, how to setup the extended validation certificate?

greetings
Arnaud Thoen

#2 R V Shiva Kumar

R V Shiva Kumar
  • Barracuda Team Members
  • 44 posts
  • LocationBangalore KA, IN

Posted 15 October 2012 - 10:18 AM

Hi Arnaud,

Looks like you are not uploading the intermediate certificates with the actual SSL Certificate. You do have an option to upload teh intermediate certificates also while uploading the signed certificate in one single shot.

you might be interested in conacting the barracuda support for detailed steps at +1 408 342 5300.
Regards Shiva Kumar RV

#3 Neeraj

Neeraj
  • Product Managers
  • 72 posts

Posted 16 October 2012 - 04:17 AM

If you have access to a *nix machine, you can also check the certificate chain using the openssl verify command.

#4 Arnaud Thoen

Arnaud Thoen
  • Members
  • 2 posts

Posted 16 October 2012 - 05:24 AM

Dear Shiva Kumar,

The solution you provides works perfect.

I converted the Signed Certificate: to a PEM cert
and uploaded the Intermediary Certificates: as a PEM cert al in 1 action.

this worked for my, thanks for the great support!

I checked the certificate chain using http://www.sslshopper.com/ssl-checker.html and it is all good!