[THIN] Re: Cert for CSG server

  • From: "Dirk Blose" <Dirk.Blose@xxxxxxxxxx>
  • To: thin@xxxxxxxxxxxxx
  • Date: Tue, 20 Apr 2004 15:32:08 -0400

Thanks for the help. As it turns out I was not completeing the pending =
Cert request which was causing the exported cert not to have the private =
key I think. Once I completed the pending Cert Request and re-exported the =
file to the PKCS fomrat it worked.=20

Thanks to anyone else that was thinking about this. I just don't mess with =
cert's that much.


Dirk Blose, MCSE, CCA
Lead Technical Analyst
(919) 765-4791
dirk.blose@xxxxxxxxxx

>>> rlambert@xxxxxxxxxxxxxxx 04/20/04 03:24PM >>>
Dirk, is this a nested certificate with an expired intermediary? (you
can verify by double clicking the .crt file and seeing if it has a red X
through it).

If so, you need to obtain the new intermediate certificate and import it
onto both server and client. You can get it from verisign.com's support
area.

-----Original Message-----
From: Dirk Blose [mailto:Dirk.Blose@xxxxxxxxxx]=3D20=20
Sent: Tuesday, April 20, 2004 3:20 PM
To: thin@xxxxxxxxxxxxx=20
Subject: [THIN] Cert for CSG server


I'm trying to get the Cert for our CSG server setup properly and having
=3D3D
problems. Here's what I'm doing according to the Secure Gateway Admin =3D
=3D3D
Guide.

1. On CSG Create Certificate Request file.
2. Go to Verisign Request cert based on Certreq.txt file.
3. Import x.509 Cert from Verisign.
4. Export Cert to PKCS #12 file Cert.pfx
5. Import Cert.pfx file.

After having gone through these hoops, I get and error when lauching a =3D
=3D3D
connection through the CSG. The error is as follows;

The thirdparty SSL provider cannot Proceed (SSL error 5)

In examining the Finaly Cert imported it shows that it does not have a =3D
=3D3D
valid Digital Signature.

Anyone have any idea how I'm screwing this up? I tried the systems with
an =3D3D
internally issued cert and everything works.


Any help is appreciated.

Thanks.


Dirk Blose, MCSE, CCA
Lead Technical Analyst
(919) 765-4791
dirk.blose@xxxxxxxxxx=20


********************************************************
This week's sponsor - Neoware Thin Clients
Neoware makes computing open, secure, reliable,=3D20
affordable, manageable and obsolete-free.=3D20
Starting at $199!=3D20
http://www.neoware.com=3D20=20
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm=20
***********************************************************
For Archives, to Unsubscribe, Subscribe or=3D20
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm=20
********************************************************
This week's sponsor - Neoware Thin Clients
Neoware makes computing open, secure, reliable,=20
affordable, manageable and obsolete-free.=20
Starting at $199!=20
http://www.neoware.com=20
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm=20
***********************************************************
For Archives, to Unsubscribe, Subscribe or=20
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm


********************************************************
This week's sponsor - Neoware Thin Clients
Neoware makes computing open, secure, reliable, 
affordable, manageable and obsolete-free. 
Starting at $199! 
http://www.neoware.com 
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm

Other related posts: