Hello
"Citrix Secure gateway" is an SSL interface to "Web Interface" (to access
Citrix application from a web browser)
I use an OpenCA generated certificate in "secure gateway". I could correctly
connect to the SSL web page but, starting an application. I got SSL 86 error,
not with the name of the serveur certificate but with the name of the CA
certificate...
Is it more clear ?
Doing some search I find the way to create an intermediate CA with openssl
(http://usefulfor.com/nothing/2008/03/20/howto-create-an-intermediate-certifica-authority-ca-using-openssl/)
but not with OpenCA
Thanks you for your help
Robert
-----Message d'origine-----
De : Massimiliano Pala [mailto:p...@cs.dartmouth.edu]
Envoyé : jeudi, 18. février 2010 16:01
À : Users' Help and Suggestions
Objet : Re: [Openca-Users] intermediate certificate
Hi Robert,
can you give us more context ? What is the Citrix Gateway used for ? (sorry,
I have never used it). My guess is that it does a MITM to monitor the
application
traffic, but to do so, the application shall have the certificate of the
C-Gateway installed.. is that right ?
How OpenCA is involved in all this ?
Cheers,
Max
P.S.: A PKCS7 cert bundle is just an empty PKCS7 with certificates attached
to it - you can create it simply by using the `openssl crl2pkcs7 -certfile
<cert1>
-certfile <cert2> ... -certfile <certn>` command.
On 02/18/2010 07:36 AM, Ferro Robert wrote:
> Hello everybody
>
> I am encontering problems using OpenCA certificates with « Citrix Secure
> Gateway » - « web interface »
>
> My certificate and IE configuration are correct : if i connect
> https://mysite.com I do not receive error message. I find in the Citrix
> forums this could be solve by loading an "intermediate CA certificate";
> for example for GoDaddy certificates we must load « PKCS7 Certificate
> Intermediates Bundle (for Windows IIS) »
>
> How could I do it with OpenCA ?
>
> Thanks you
>
> Robert
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users