cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
395
Views
10
Helpful
2
Replies
Highlighted
Engager

Use a chained SSL cert instead of root CA cert?

We have a PKI infrastructure in place, and I was wondering if I could use the cert and key from one of our issuing CA's which chains back to our root CA, instead of the root CA's cert to do HTTPS proxy?           

or more technically, will the WSA take an intermediate cert to use for HTTPS Proxy?

Ken

2 REPLIES 2
Highlighted
Engager

Re: Use a chained SSL cert instead of root CA cert?

Answered my own question:  If all else fails, RTFM.  Pg 26-34 of the User Guide...

Highlighted
Beginner

Re: Use a chained SSL cert instead of root CA cert?

The only thing to watch out for is that on some of the older versions, I don't recall specifically which - but it's pretty old, the WSA doesn't send the root (intermediate in this case) along with server cert, so it can cause trust issues in your clients that don't already have the intermediate in their trust store.

You should be fine on any 6.3.5+ / 7.0+ version.