Contributor
DeaconZ
Accepted Solution

Wildcard cert not recognized

I have a new Exchange 2010 SP1 OWA site using a Verisign wildcard certificate to enable SSL. It works fine internally, but we only allow access to it externally via the SSL VPN. However, we have a problem. For some reason my SSL VPN throws a certificate warning "The certificate was not issued by a trusted certificate authority" whenever you click on the web bookmark for the OWA. :smileysad:

The cert is from Network Solutions, and the CA cert is in the VPN's Trusted CA store. Anybody have an idea why it refuses to trust it?

 

SA-4500

6.5R6 (build 16339)

Distinguished Expert
muttbarker

Re: Wildcard cert not recognized

You may need to add an intermediary certificate for Verisign into your cert store. I have seen this error occur and that resolved it.

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

Contributor
DeaconZ

Re: Wildcard cert not recognized

 


muttbarker wrote:

You may need to add an intermediary certificate for Verisign into your cert store. I have seen this error occur and that resolved it.


I marked this as the solution since it pointed me in the right direction. Network Solutions' CA in the chain above it was already in there, but the one above that was not. So I manually added the "grand-daddy" CA cert for Network Solutions to the Trusted Server CA on the IVE and presto!
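
The failure and fix described in the post above can be reproduced offline with OpenSSL. This is an added example, not part of the thread: the CA and host names are constructed, and OpenSSL's default path validation is assumed as a stand-in for the IVE's Trusted Server CA store.

```shell
#!/usr/bin/env bash
# Constructed chain, all names made up for the demo:
#   Demo Root CA ("grand-daddy") -> Demo Issuing CA -> *.example.test

csr() {          # $1 = file stem, $2 = subject; writes $1.key and $1.csr
  openssl req -new -newkey rsa:2048 -nodes -config req.cnf \
    -subj "$2" -keyout "$1.key" -out "$1.csr"
}

make_chain() {   # $1 = empty working directory
  ( cd "$1" || exit 1
    printf '[req]\ndistinguished_name=dn\n[dn]\n' > req.cnf
    printf 'basicConstraints=critical,CA:TRUE\n' > ca.ext
    printf 'subjectAltName=DNS:*.example.test\n' > leaf.ext
    csr root '/CN=Demo Root CA' && csr issuing '/CN=Demo Issuing CA' &&
    csr leaf '/CN=*.example.test' &&
    openssl x509 -req -in root.csr -signkey root.key \
      -extfile ca.ext -days 30 -out root.pem &&
    openssl x509 -req -in issuing.csr -CA root.pem -CAkey root.key \
      -CAcreateserial -extfile ca.ext -days 30 -out issuing.pem &&
    openssl x509 -req -in leaf.csr -CA issuing.pem -CAkey issuing.key \
      -CAcreateserial -extfile leaf.ext -days 30 -out leaf.pem
  ) >/dev/null 2>&1
}

trusts() {       # $1 = trusted-CA bundle, $2 = server cert
  # No -partial_chain: the path must end at a self-signed trusted root.
  openssl verify -CAfile "$1" "$2" 2>&1 | grep -q ': OK$'
}

work=$(mktemp -d)
make_chain "$work" || { echo "openssl failed" >&2; exit 1; }
cp "$work/issuing.pem" "$work/store_before.pem"          # issuing CA only
cat "$work/issuing.pem" "$work/root.pem" > "$work/store_after.pem"

for s in before after; do
  if trusts "$work/store_$s.pem" "$work/leaf.pem"
  then echo "$s: chain verifies"
  else echo "$s: not issued by a trusted certificate authority"
  fi
done
# The issuer of the issuing CA names the certificate the store was missing.
openssl x509 -in "$work/issuing.pem" -noout -issuer
```

Running `openssl x509 -noout -subject -issuer` on each CA certificate already in a store shows which issuer is still unaccounted for.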

 

Trusted Contributor
stine

Re: Wildcard cert not recognized

Also note that Verisign has moved to the G3 version of their intermediate certificate.

Theodore E Van Iderstine
Stream Networks
+1 678 373 4200 x125
JNCIA-ER (expired), JNCIA-SSL (ditto)
New User
rferre@bstcat.net

Re: Wildcard cert not recognized

Hello,

I tried to put an intermediate certificate and the root CA trusted server too. It didn't work. Can you give me the link to the certificates I need to install?

Thanks a lot.
