All Barracuda SSL VPNs, all firmware versions.
- From the appliance web interface, navigate to Basic > SSL
Certificate and fill in the required fields for generating a Certificate Signing Request (CSR) under the Certificate Generation header.
- Once the CSR is generated, submit this to Comodo. Make
sure you select Apache-ModSSL on the Comodo web site as the web server type.
- Comodo will send back a zip file containing three certificates that have a .crt
file extension; these will be your trusted certificate, an intermediate CA root
and a CA root. You will also need to download the private key from the same
place you downloaded the CSR.
The three certificates from Comodo will look like these examples:
your_host_name.crt – your trusted certificate
AddTrustExternalCARoot.crt – the CA root certificate
UTNAddTrustServerCA.crt – the intermediate CA root certificate
- Create a new .crt file and paste the contents of both AddTrustExternalCARoot.crt
and UTNAddTrustServerCA.crt using a text editor and save the file.
- Upload your certificates to the SSL VPN:
- In Trusted Certificate > Upload Signed Certificate, browse to the your_host_name.crt certificate.
- In Upload Certificate Chain Bundle, browse to the newly created combined CARoot certificate.
- Enter sslvpn for the Certificate Password.
- In Upload Private Key, browse to the private key that was downloaded.
- Click Upload Certificate and Key, after which you can change the certificate type in the SSL Certificate Configuration section to Trusted (Signed by a trusted CA).
- Once this has been done, click the Synchronize button at
the bottom of the page to synchronize this certificate with the SSL VPN
interface on port 443.