Jump to content


Photo

Install Tusted External Cert for SSLVPN

ssl vpn certificate external

Best Answer Nick Haas, 06 November 2019 - 01:56 PM

You will have to create a CSR f.e. with OpenSSL on the CLI of the box.

 

 

Thanks for this. It worked perfectly. I was able to generate a KEY (with no password) and a CSR. I purchased a 1 year Comodo SSL certificate for $8.95 in "Other" format. They sent the certs in CRT format and at the end of the email was a raw PEM cert in plain text in the email. I just copied both of them and using the NGAdmin client installed them from the clipboard. SEND/ACTIVATE and it worked perfectly.

Go to the full post


  • Please log in to reply
3 replies to this topic

#1 Nick Haas

Nick Haas
  • Members
  • 2 posts

Posted 21 October 2019 - 08:54 AM

I'd like to install a signed trusted certificate to prevent the warnings my users receive when logging into CudaLaunch. I'm having a hard time figuring out how to request and install the proper certificate. I believe I need to install one into the configuration for the SSLVPN service itself: Box-->Virtual Servers-->(server name)-->Assigned Services-->VPN-->SSLVPN

 

There's a drop down to choose "External Certificate" and then I can select an External-Signed Private Key and External-Signed Certificate.

 

What I can't figure out is how to request this...  typically I would generate a CSR, but I can't find any way to do this through the NGAdmin client. Additionally, I'm not sure what type of certificate to purchase. The interface wants a PKCS12 or PEM file. 

 

Anyone have experience with this or can offer recommendations? Thanks.

 

Edit: This is on my F18



#2 Micha Knorpp

Micha Knorpp
  • Members
  • 180 posts
  • LocationGermany, BW

Posted 06 November 2019 - 04:48 AM

You will have to create a CSR f.e. with OpenSSL on the CLI of the box.

 

regards

Micha


regards,
-micha-

#3 Manuel Huber

Manuel Huber
  • Members
  • 155 posts

Posted 06 November 2019 - 10:57 AM

Hello,

 

already in 2016 a feature request was made to provide the functionality to create CSRs in NG Admin - I can only suggest to vote for this. It is already marked as planned and I guess it should not be too much effort to implement, so hopefully we can see such a feature soon.

 

FRQ:

https://netsecfeedba.../ideas/NGF-I-59



#4 Nick Haas

Nick Haas
  • Members
  • 2 posts

Posted 06 November 2019 - 01:56 PM   Best Answer

You will have to create a CSR f.e. with OpenSSL on the CLI of the box.

 

 

Thanks for this. It worked perfectly. I was able to generate a KEY (with no password) and a CSR. I purchased a 1 year Comodo SSL certificate for $8.95 in "Other" format. They sent the certs in CRT format and at the end of the email was a raw PEM cert in plain text in the email. I just copied both of them and using the NGAdmin client installed them from the clipboard. SEND/ACTIVATE and it worked perfectly.