Solution #00004274
Scope:
All Barracuda SSL VPNs, all firmware versions.
Answer:
- From the appliance web interface, navigate to Basic > SSL Certificate and fill in the required fields for generating a Certificate Signing Request (CSR) under the Certificate Generation header.
- Once the CSR is generated, submit this to Comodo. Make sure you select Apache-ModSSL on the Comodo web site as the web server type.
- Comodo will send back a zip file containing three certificates that have a .crt file extension; these will be your trusted certificate, an intermediate CA root and a CA root. You will also need to download the private key from the same place you downloaded the CSR.
The three certificates from Comodo will look like these examples:
your_host_name.crt ? your trusted certificate
AddTrustExternalCARoot.crt ? the CA root certificate
UTNAddTrustServerCA.crt ? the intermediate CA root certificate
- Create a new .crt file and paste the contents of both AddTrustExternalCARoot.crt and UTNAddTrustServerCA.crt using a text editor and save the file.
- Upload your certificates to the SSL VPN:
- In Trusted Certificate > Upload Signed Certificate, browse to the your_host_name.crt certificate.
- In Upload Certificate Chain Bundle, browse to the newly created combined CARoot certificate.
- Enter sslvpn for the Certificate Password.
- In Upload Private Key, browse to the private key that was downloaded.
- Click Upload Certificate and Key, after which you can change the certificate type in the SSL Certificate Configuration section to Trusted (Signed by a trusted CA).
- Once this has been done, click the Synchronize button at the bottom of the page to synchronize this certificate with the SSL VPN interface on port 443.
https://campus.barracuda.com/solution/50160000000Hod3AAC