- NG Firewall firmware versions 5.0.1, 5.2.x
Now it is possible to import missing or needed Root-CAs for the SSL Proxy manually via command line interface.
1) It's only possible to import RSA root certificates (no pgp etc)
2) The file extension must be .pem. You can export the root certificate from your browser. Use bvase-64 encoded as export type. In this case you must just rename the .crt file to .pem. The filename must NOT contain blanks or special characters.
3) You need to create the directory "rootcaimport" on the affected box.You do not need to change the file or directory ownership/permissions from root
4) SCP the RSA root certificate to this directory.
5) Restart the SSLProxy on the box from "Control" > "Server" > "Restart Service"
6) Check that a *.pem.import file has been created in /opt/microdasys/conf/rootcaimport
7) The RSA root certificate will show up in the GUI certificate list in "SSL Proxy" > "Certificates"
Link to This Page: