Brocade Fibre Channel Networking Community

SSL Certificates Not Trusted

  • 1.  SSL Certificates Not Trusted

    Posted 03-14-2013 02:58 AM

    Hi

    We have generated the SSL, via the setup followed as recommended by HDS & Brocade

    seccertutil genkey

     

    Then, we have generated a certificate signing request

    seccertutil gencsr

     

    export the csr file to a server so we can send off to IT.secure to get the cert certified

    seccertutil export -protocol scp -ipaddr yy.yy.yy.yy-remotedir /home/brocade/ -login uxxxxx

    (yy.yy.yy.yy  :  ip address of a server, xx.xx.xx.xx: ip address of the switch)

    IT Secure certified the Certificates. there are 3 files: xx.xx.xx.xx.pem, RootCA.crt and SubnewCA.crt (The root (trusted) and sub (intermediate) certificates)

    Root (trusted)            : Verisign Root CA.crt

    Sub (intermediate)     : Verisign primary intermediate.crt

    Verisign Secondary Intermediate.crt

    For internally signed certificates:

    Root (trusted): RootCA.crt

    Sub (intermediate): SubCANew.crt

    We then renamed the xx.xx.xx.xx.crt as xx.xx.xx.xx.pem and imported the Certificate from the server to the swith via the command

    seccertutil import -config swcert -enable https -protocol scp -ipaddr yy.yy.yy.yy -remotedir /home/brocade/ -certname xx.xx.xx.xx.pem -login uxxxxx

    The certificate installed successfully.

    However, when going to our IE Browser, and type https://xx.xx.xx.xx, the certificates appears as untrusted.

    RootCA.crt is already certified in our company on avaery workstation as Certified XP Desktop Server.

    We tried to concatenate the 3 certs in 1 file and imported successfully, but no joy, our access to the switch is still untrusted.

    Any idea on what we could have missed ?

    Regards.


    #BrocadeFibreChannelNetworkingCommunity