Am using mutual client cert authentication for an api.My client uses a cert which is singed by Go daddy.The question was, how could i get the root cert of this go daddy which i need to trust manually in certs trust store of ssg.
Does it be not same for all the certs issued by go daddy was signed with the same key,if the was yes, could you pls let me know from where i can download the public key of godaddy?
Dear Popleys ,
There should be 2 options,
1. add pkix.useDefaultTrustAnchors cluster wide property and set it to true, to trust the well know certificate authorities (Go daddy should be included)
2. Godaddy should provide the link(s) to download their root certificate, here is godaday cert repository I found from google,
(option 3, you may ask help from godaddy support.)
Hi Mark,I have added in ssg9.3 verison the following, but still I get the same error
Signer 'cn=go daddy secure certificate authority - g2,ou=http://certs.godaddy.com/repository/,o=godaddy.com\, inc.,l=scottsdale,st=arizona,c=us' is not trusted'</l7:detailMessage><l7:detailMessage id="4208">Authentication failed
Do you think,we need a server start after this change?
'cn=go daddy secure certificate authority - g2' looks like an intermediate certificate, not likely a root certificate.
For intermediate certificate, you still need to import to the gateway.
Thanks for the clarification.