wodCertificate SSL: Intermediate Certificate? - WeOnlyDo Discussion board

wodCertificate SSL: Intermediate Certificate? (wodFTPServer)

by cyman, Monday, March 18, 2013, 06:26 (4269 days ago)

Hi there-
For our customers, we need to use a valid, signed SSL certificate. However, our SSL certificate from GoDaddy comes with both a certificate file, and an intermediate certificate or bundle . Both are required to have the proper chain of trust to verify the certificate.
To be clear, we have 3 files:
1. OurDomain.crt <- Our cert
2. sf_bundle.crt <- Intermediate cert
3. OurDomain.key <- Our private key

How can we set up the intermediate certificate with WodFTPServer / wodCertificate?
Thanks!

Re: wodCertificate SSL: Intermediate Certificate?

by woddrazen, Monday, March 18, 2013, 10:16 (4268 days ago) @ cyman

Hi,


What happens if you load Intermediate certificate without Root certificate?

Root certificate is actually not needed since both parties *should* already have Root certificates installed. The one not presented is the Intermediate certificate.

Is there any chance you can try this and let us know how it goes?

Hope this helps.


Regards,
Drazen

Re: wodCertificate SSL: Intermediate Certificate?

by cyman, Monday, March 18, 2013, 14:16 (4268 days ago) @ woddrazen

You mean load our certificate without the Intermediate Certificate?

It won't work. We tried this. The client said he was getting certificate errors. We verified this using http://www.sslshopper.com/ssl-checker.html

NOTE: For some of these SSL certs, yes, on newer browsers over HTTPS they work without intermediate, because newer browsers come with a cache of more common certificates. But, unlike HTTPS, for FTP-SSL, people have very few root certificates installed. They are often connecting from servers for automation, etc.

Re: wodCertificate SSL: Intermediate Certificate?

by woddrazen, Monday, March 18, 2013, 14:19 (4268 days ago) @ cyman

Hi,


You actually need to load Intermediate certificate without Root. Can you maybe try that?


Drazen

Re: wodCertificate SSL: Intermediate Certificate?

by cyman, Monday, March 18, 2013, 14:24 (4268 days ago) @ woddrazen

Hi there-

Load it where? As the one SSL cert of WodFTPServer? That will break out SSL. The Intermediate Cert doesn't contain our own domain's cert. My understanding is, it's a chain of trust.

Re: wodCertificate SSL: Intermediate Certificate?

by woddrazen, Monday, March 18, 2013, 14:34 (4268 days ago) @ cyman

Hi,


Yes, you can try to load Intermediate Certificate and private key inside wodFtpServer without Root.

Actually Root certificate should be already installed on both sides. So this is something that is already known for both sides because they already have those certificates.

Is there any chance maybe that you can try my suggestion and let us know how it goes?


Drazen

Re: wodCertificate SSL: Intermediate Certificate?

by cyman, Monday, March 18, 2013, 14:40 (4268 days ago) @ woddrazen

I'll try in a few hours and get back to you.