Applies to all Barracuda SSL VPNs.
- From the appliance web interface, navigate to Basic > SSL Certificate and fill in the required fields for generating a Certificate Signing Request (CSR) under the Certificate Generation header.
- Once the CSR is generated, submit this to Verisign. They will send an email that has the certificate string within the message. NOTE: When entering information, make sure that the certificate is going to be for Apache.
- You will then use a text editor and save it as a .pem extension. An intermediate certificate is needed to properly upload and will need to be obtained through the Verisign website. You will need to know whether the signed certificate an EV (Extended Validation) or non EV certificate and also if it is a SS (Secure Site) or SS Pro certificate. NOTE: You will need to go to:
Locate the specific intermediate certificate based on Verisign?s version of Signed certificate.
- Copy and paste the appropriate intermediate certificate and save it as a .txt extension.
- Once the signed certificate and intermediate certificate are obtained, navigate to Basic > SSL Certificate in the appliance interface:
- In Trusted Certificate > Upload Signed Certificate, browse to the your_host_name.crt certificate.
- In Upload Certificate Chain Bundle, browse to the newly created combined CARoot certificate.
- Enter sslvpn for the Certificate Password.
- In Upload Private Key, browse to the private key that was downloaded.
- Click Upload Certificate and Key, after which you can change the certificate type in the SSL Certificate Configuration section to Trusted (Signed by a trusted CA).
- Once this has been done, click the Synchronize button at the bottom of the page to synchronize this certificate with the SSL VPN interface on port 443. Note: If using firmware version 1.4.0.013 and lower, please contact Barracuda Networks Technical Support for assistance with synchronizing your certificate.
Link to this page: