Re: [Openca-Users] intermediate certificate

Thu, 18 Feb 2010 09:18:20 -0800 

Hello

"Citrix Secure gateway" is an SSL interface to "Web Interface" (to access 
Citrix application from a web browser)

I use an OpenCA generated certificate in "secure gateway". I could correctly 
connect to the SSL web page but, starting an application. I got SSL 86 error, 
not with the name of the serveur certificate but with the name of the CA 
certificate...

Is it more clear ?



Doing some search I find the way to create an intermediate CA with openssl 
(http://usefulfor.com/nothing/2008/03/20/howto-create-an-intermediate-certifica-authority-ca-using-openssl/)
 but not with OpenCA



Thanks you for your help

Robert



-----Message d'origine-----
De : Massimiliano Pala [mailto:p...@cs.dartmouth.edu]
Envoyé : jeudi, 18. février 2010 16:01
À : Users' Help and Suggestions
Objet : Re: [Openca-Users] intermediate certificate



Hi Robert,



can you give us more context ? What is the Citrix Gateway used for ? (sorry,

I have never used it). My guess is that it does a MITM to monitor the 
application

traffic, but to do so, the application shall have the certificate of the

C-Gateway installed.. is that right ?



How OpenCA is involved in all this ?



Cheers,

Max





P.S.: A PKCS7 cert bundle is just an empty PKCS7 with certificates attached

to it - you can create it simply by using the `openssl crl2pkcs7 -certfile 
<cert1>

-certfile <cert2> ... -certfile <certn>` command.





On 02/18/2010 07:36 AM, Ferro Robert wrote:

> Hello everybody

>

> I am encontering problems using OpenCA certificates with « Citrix Secure

> Gateway » - « web interface »

>

> My certificate and IE configuration are correct : if i connect

> https://mysite.com I do not receive error message. I find in the Citrix

> forums this could be solve by loading an "intermediate CA certificate";

> for example for GoDaddy certificates we must load « PKCS7 Certificate

> Intermediates Bundle (for Windows IIS) »

>

> How could I do it with OpenCA ?

>

> Thanks you

>

> Robert



------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to