Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 1080 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Trying to install CACert root ca into asg, No luck

cpm
Any clues out there? 

I really like this box, but the docs seem a spotty. 

Am trying to get started with ipsec, and I really wish
folks would include CACert, so I didn't have to pull nails
with a screwdriver to get crypto boxes to behave.


This thread was automatically locked due to age.
Parents
  • 0
    I think it`s better to get your  own  CA up and running!  
    It`s not really difficult. 

    Do you intend in the future to have a PKI not just for ASL? There are several reasons in this case not to install your Root CA on your FireWall Box. Are you using any Directory Service like Microsoft Active Directory?

    regards

    Christian
  • 0 in reply to TuneUp
    No, it's pretty easy, nicely so in fact, to do your own certificates with this software. 

    However, the WHOLE POINT behind using a root CA to sign your csrs  is to avoid man-in-the-middle attacks. When you sign
    your own csrs, there isn't a 3rd party validation, so the 
    connection (in theory) becomes spoofable.
  • 0 in reply to cpm
    Hi, what you mean with 3rd party validation? And what kind of root ca do you try to upload?

    Chris
Reply Children
No Data
Cookie Information Banner