I created an CSR and the only option that gave me for rsa key was 2048.
Now I got a certificate (again with a 2048 length key) from a local certificate in the organization but I received only one cer file which does not includes the root certificate.
Is this ok?
I am asking because you mentioned this
if you are getting your host certificate from a local CA within your domain you will most likely not have any intermediate CA certificates.
If you weren't issued a CA cert along with the CMA host cert then you will have a problem. If you try to install the host cert the CMA will complain about not being able to validate the issuer. The normal procedure is to install the CA cert first and then the host cert.
Since we are talking about a local domain certificate you probably have the root CA cert installed on your PC. First you would have to look at the host certificate that was issued to you and find the Issuer field. Then in your PC local certificate store go through the Trusted Root Certificate Authorities list and find the cert that matches the Issuer. Right click on that and export it as a Base-64 encoded X.509 file. Upload that .cer file to the CMA then upload the CMA host certificate you were given.
Your help is tremendous. Thank you very much.
One last note, if for some reason there is an intermediate CA (or more), the procedure is
1) upload the root certificate
2) upload any intermediate certificates
3) upload host certificate
Thank you very much again.
That's the order I do them, yes.
"Hi Mike, when I upload the root-certificate (local domain), I am getting the message that the certificate is invalid and it must be valid before the CMA will be restarted. This is because the certificate has an incomplete trust chain and the certificate has no associated CRL. But the uploaded certificate is recognized as "Trusted root CA". Can I ignore the message? My next steps are to restart the CMA, upload the host-certificate and restart the CMA again. Am I on the right way? Thank you for your help! Markus"
After these actions and reboot, the local user base disappeared. But at the same time authorization works (from somewhere he knows about the users who were in the database)
I have the same problem as the rest of the people.
I have uploaded a single file containing the root certificate and the intermediate.
The system requested for a reboot and I have rebooted the unit.
When the system returned online, I got a message saying "The certificate has an incomplete trust chaing".
If I install the root and intermediate certificate in my windows pc, the final certificates turns up fine trusted as it should so I don't think there is a problem with the certs.
Also I lost the user database I get the same message @0@, even if I add a user, the new user is not visible.