将中间证书加载到 Infoblox NIOS
Loading intermediate certificate into Infoblox NIOS
我们有一个 SSL/TLS 证书加载到 infoblox NIOS 设备中,它是 newer/cheaper 证书之一,通常需要中间证书才能在现代 Web 浏览器中完成真实性验证。
infoblox NIOS 设备服务器不再受支持,文档明确指出支持加载中间证书。但是,它没有具体说明如何实现这一点。尝试将证书和中间件作为捆绑包加载会导致 NIOS 接口响应证书无效的错误。尝试单独加载证书不起作用,因为它只允许为 HTTPS 接口加载一个证书。
有人知道如何使用 NIOS 网络界面执行此操作吗?
来自 Infoblox NIOS 管理指南 (http://dloads.infoblox.com/direct/appliance/NIOS/NIOS_AdminGuide_8.0.pdf):
When you receive the certificate from the CA, and import it
to the appliance, the NIOS
appliance finds the matching
CSR and takes the private key associated with the CSR and
associates it with the newly imported certificate. The
appliance then automatically deletes the CSR.
If the CA sends an intermediate certificate that must be
installed along with the server certificate, you can upload
both certificates to the appliance. The appliance supports
the use of intermediate certificates to complete the chain
of trust from the server certificate to a
trusted root CA. This eliminates intermediate certificate security warnings that
appear when you open a web browser and try to connect to an Infoblox appliance.
很烦人,不过好像每次都要重新做一个CSR,然后才能上传证书。我将服务器证书和中间证书放在同一个 .pem 文件中,这似乎有效。
我们有一个 SSL/TLS 证书加载到 infoblox NIOS 设备中,它是 newer/cheaper 证书之一,通常需要中间证书才能在现代 Web 浏览器中完成真实性验证。
infoblox NIOS 设备服务器不再受支持,文档明确指出支持加载中间证书。但是,它没有具体说明如何实现这一点。尝试将证书和中间件作为捆绑包加载会导致 NIOS 接口响应证书无效的错误。尝试单独加载证书不起作用,因为它只允许为 HTTPS 接口加载一个证书。
有人知道如何使用 NIOS 网络界面执行此操作吗?
来自 Infoblox NIOS 管理指南 (http://dloads.infoblox.com/direct/appliance/NIOS/NIOS_AdminGuide_8.0.pdf):
When you receive the certificate from the CA, and import it to the appliance, the NIOS appliance finds the matching CSR and takes the private key associated with the CSR and associates it with the newly imported certificate. The appliance then automatically deletes the CSR.
If the CA sends an intermediate certificate that must be installed along with the server certificate, you can upload both certificates to the appliance. The appliance supports the use of intermediate certificates to complete the chain of trust from the server certificate to a trusted root CA. This eliminates intermediate certificate security warnings that appear when you open a web browser and try to connect to an Infoblox appliance.
很烦人,不过好像每次都要重新做一个CSR,然后才能上传证书。我将服务器证书和中间证书放在同一个 .pem 文件中,这似乎有效。