AnsweredAssumed Answered

R80.10 GAiA Portal - Problems Importing already issued WILDCARD 2048 Certificate

Question asked by ccse89f54c70-508c-400f-9477-dd8648799b1e on Aug 11, 2017
Latest reply on Aug 23, 2017 by ccse89f54c70-508c-400f-9477-dd8648799b1e

Hi folks

 

just a quick one but to some extent complicated thing: Little background though.

 

1. R80.10 Standalone Appliance (all-in-one) as usual
2. no PKI done for either VPN or MAB (MAB is not in use)
3. Gaia Portal has typical per-ip Cert error when you try to log in - that's normal

 

Research:

 

1. replace files at

 

/web/conf/server.crt
/web/conf/server.key

 

with your own one from your *.domain.com set (received as issued with Public CA)

 

based on sk109593

 

- result: Tomcat does not wake up at all making your GAIA portal unusable

 

2. replacing above files is not enough as long as your $CPDIR/conf/openssl.cnf has no CSR issued within the shell (of course not as the CSR was done separately on different device in order to make wildcard cert!)
3. I see no path for importing wildcard cert without generating csr on particular appliance - do you?

 

GOAL:

 

1. have all GAIA portal(s) from each appliance within the network using same wildcard cert already in hand from Comodo.

 

---

 

any ideas/tips/hints chaps?

 

much appreciate your assistance as always (PhoneBoy especially) :)

 

Cheers

 

Jerry

Outcomes