CLEANACCESS Archives

January 2007

CLEANACCESS@LISTSERV.MIAMIOH.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Need help with DigiCert Wildcard Cert!
From:
"Daniel R. Sullivan" <[log in to unmask]>
Reply To:
Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:
Thu, 4 Jan 2007 23:19:44 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (20 lines) 
I'm at my wits end.  I looked back through the archives and tried all the
stuff Rob Crockett was told to do with his godaddy/starfield cert.

Here are the steps I've done:
- Wildcard cert lives on an IIS server
  - Exported cert with private key as pfx
- Used openSSL to strip the password giving me the private and public in the
same pem file.
- Upload that private file to CCA, that gives a Success message
- Upload the root CA cert to the "* Trust non-standard . . ." which gives:
Success. Changes will take effect after you restart the server.
- Upload the intermediate CA cert to the "* Trust non-standard . . ." which
gives: Success. Changes will take effect after you restart the server.

So I do the reboots and try to Verify and Install and I get: Error: The
Uploaded CA-signed Certificate doesn't match the Uploaded Private Key.

Using a similar method on my proxy server (EZProxy) the cert works just fine
so it is something with the CCA quirks that I'm butting my head against.

ATOM RSS1 RSS2