Fibre Channel (SAN)

Reply
N/A
Posts: 1
Registered: ‎03-14-2013

SSL Certificates Not Trusted

Hi

We have generated the SSL, via the setup followed as recommended by HDS & Brocade

seccertutil genkey

 

Then, we have generated a certificate signing request

seccertutil gencsr

 

export the csr file to a server so we can send off to IT.secure to get the cert certified

seccertutil export -protocol scp -ipaddr yy.yy.yy.yy-remotedir /home/brocade/ -login uxxxxx

(yy.yy.yy.yy  :  ip address of a server, xx.xx.xx.xx: ip address of the switch)

IT Secure certified the Certificates. there are 3 files: xx.xx.xx.xx.pem, RootCA.crt and SubnewCA.crt (The root (trusted) and sub (intermediate) certificates)

Root (trusted)            : Verisign Root CA.crt

Sub (intermediate)     : Verisign primary intermediate.crt

Verisign Secondary Intermediate.crt

For internally signed certificates:

Root (trusted): RootCA.crt

Sub (intermediate): SubCANew.crt

We then renamed the xx.xx.xx.xx.crt as xx.xx.xx.xx.pem and imported the Certificate from the server to the swith via the command

seccertutil import -config swcert -enable https -protocol scp -ipaddr yy.yy.yy.yy -remotedir /home/brocade/ -certname xx.xx.xx.xx.pem -login uxxxxx

The certificate installed successfully.

However, when going to our IE Browser, and type https://xx.xx.xx.xx, the certificates appears as untrusted.

RootCA.crt is already certified in our company on avaery workstation as Certified XP Desktop Server.

We tried to concatenate the 3 certs in 1 file and imported successfully, but no joy, our access to the switch is still untrusted.

Any idea on what we could have missed ?

Regards.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.