03-16-2011 05:23 PM
We have a PKI infrastructure in place, and I was wondering if I could use the cert and key from one of our issuing CA's which chains back to our root CA, instead of the root CA's cert to do HTTPS proxy?
or more technically, will the WSA take an intermediate cert to use for HTTPS Proxy?
Ken
03-16-2011 08:57 PM
Answered my own question: If all else fails, RTFM. Pg 26-34 of the User Guide...
03-17-2011 07:50 AM
The only thing to watch out for is that on some of the older versions, I don't recall specifically which - but it's pretty old, the WSA doesn't send the root (intermediate in this case) along with server cert, so it can cause trust issues in your clients that don't already have the intermediate in their trust store.
You should be fine on any 6.3.5+ / 7.0+ version.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide