It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X

Manual Root-CA import for the SSL Proxy engine

  • Type: Knowledgebase
  • Date changed: one year ago

Solution #00005377



Scope:
This solution replies to:
- NG Firewall firmware versions 5.0.1, 5.2.x
- netfence firmware versions 4.2.14

Symptoms:

Now it is possible to import missing or needed Root-CAs for the SSL Proxy manually via command line interface.



Solution:

1) It's only possible to import RSA root certificates (no pgp etc)

2) The file extension must be .pem. You can export the root certificate from your browser. Use bvase-64 encoded as export type. In this case you must just rename the .crt file to .pem. The filename must NOT contain blanks or special characters.

3) You need to create the directory "rootcaimport" on the affected box.You do not need to change the file or directory ownership/permissions from root
   mkdir  /opt/microdasys/conf/rootcaimport 

4) SCP the RSA root certificate to this directory.

5) Restart the SSLProxy on the box from "Control" > "Server" > "Restart Service"

6) Check that a *.pem.import file has been created in /opt/microdasys/conf/rootcaimport 

7) The RSA root certificate will show up in the GUI certificate list in "SSL Proxy" > "Certificates"


Link to This Page:
https://campus.barracuda.com/solution/50160000000IMleAAG