Hi, I'm having issues enrolling a new SSL certificate from Verisign into my R65 Cluster for SNX usage.
Verisign issues 3 CA Certificates: The certificate hierarchy goes like this below: Root CA - G1 Primary Intermediate - G5 2021 Secondary Intermediate G3 SSL Cert I was successfully able to 1)Create the ROOT CA, 2) then two additional subordinate CA for each of the intermediate CA certificates. 3)Then went in to create a Certificate on the actual firewall object from the Secondary Intermediate G3 CA, 4)generated CSR with appropriate DN (I quadruple checked the accuracy of this) 5) and then submitted back to Verisign. When attempting to complete the process with the signed item back from Verisign, we get an error message: "The new issued certificate does not match the enrollment request" The worse thing is that I have NO issues with any of the Trial SSL process from Thawte AND Verisign themselves.but only with the production one.. Has anyone been able to successfully import a Verisign SSL Cert for SNX lately? ================================================= To set vacation, Out-Of-Office, or away messages, send an email to lists...@amadeus.us.checkpoint.com in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email fw-1-ow...@ts.checkpoint.com =================================================
