0

I'm really stuck on this one! I have two WatchGuard Firebox firewalls. My SSL certificates expired and I bought two new wildcard certificates from RapidSSL. I couldn't get the certificate to install on the first one. "certificate validation failed"....

Then I found this question on Server Fault: Watchguard SSL Certificate problems

He had the exact same issue as me and I did what he wrote in his own answer. Worked like a charm!

But on the second one, located in another city, I can't get it to work.

When I try to install the CA root certs for GeoTrust and RapidSSL I get "certificate verification failed".

I tried the following so far:

* Allowed the firewall to communicate with any address on the internet, if it needs to verify anything. (Long shot, I know).
* Exported the root cert from the other Firebox and tried to install them.
* Tried to install GeoTrust first then RapidSSL and the other way around.
* Downloaded the CA certs from RapidSSL again.

I don't know what to do now.... Any input is appreciated!

1 Answer

1

I don't know of a better answer than that you need to get the whole chain to validate - so maybe there's a root, an intermediate, and then your certificate, and you're trying to import the intermediate first thinking it's the root certificate?

Open in Windows and examine the chain, pay attention to all the names and spellings, then import them from CA cert down. I have this problem occasionally, and it's always down to me not getting quite the right certificate chain - two slightly different products from the authority, or similar.

If you have LiveSecurity, head to http://support.watchguard.com and ask them, maybe?

TessellatingHeckler
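The answer's advice to import "from CA cert down" can be checked from a shell before touching the firewall. The script below is an added example, not part of the original thread: it assumes the `openssl` CLI is available, and the function names, file names and demo CA names are constructed for illustration. It orders a set of PEM files root-first by matching issuer to subject, and fails when no self-signed root is present, which is the case the answer suspects (an intermediate mistaken for the root).

```bash
#!/usr/bin/env bash
# Added example, not from the original thread. Names and paths are constructed.

# Subject / issuer of a PEM certificate as RFC 2253 strings.
subj()   { openssl x509 -in "$1" -noout -subject -nameopt RFC2253 | sed 's/^subject= *//'; }
issuer() { openssl x509 -in "$1" -noout -issuer  -nameopt RFC2253 | sed 's/^issuer= *//'; }

# Print the given files in import order: self-signed root first, leaf last.
# Matches issuer to subject by name only; it does not check signatures.
import_order() {
  local cur="" next f
  for f in "$@"; do
    if [ "$(subj "$f")" = "$(issuer "$f")" ]; then cur="$f"; break; fi
  done
  if [ -z "$cur" ]; then
    echo "no self-signed root in: $*" >&2
    return 1
  fi
  while [ -n "$cur" ]; do
    echo "$cur"
    next=""
    for f in "$@"; do
      if [ "$f" != "$cur" ] && [ "$(issuer "$f")" = "$(subj "$cur")" ]; then
        next="$f"; break
      fi
    done
    cur="$next"
  done
}

# Build a throwaway root -> intermediate -> wildcard leaf chain for the demo.
make_demo_chain() {
  local d="$1"
  printf 'basicConstraints=critical,CA:TRUE\n' > "$d/ca.ext"
  openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=Demo Root CA" \
    -keyout "$d/root.key" -out "$d/root.pem" 2>/dev/null
  openssl req -newkey rsa:2048 -nodes -subj "/CN=Demo Intermediate CA" \
    -keyout "$d/inter.key" -out "$d/inter.csr" 2>/dev/null
  openssl x509 -req -in "$d/inter.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
    -CAcreateserial -extfile "$d/ca.ext" -days 2 -out "$d/inter.pem" 2>/dev/null
  openssl req -newkey rsa:2048 -nodes -subj "/CN=*.example.test" \
    -keyout "$d/leaf.key" -out "$d/leaf.csr" 2>/dev/null
  openssl x509 -req -in "$d/leaf.csr" -CA "$d/inter.pem" -CAkey "$d/inter.key" \
    -CAcreateserial -days 2 -out "$d/leaf.pem" 2>/dev/null
}

d=$(mktemp -d) && make_demo_chain "$d" && import_order "$d/leaf.pem" "$d/inter.pem" "$d/root.pem"
```

With real files, pass the downloaded CA certificates and your own certificate to `import_order` in any order; a "no self-signed root" error means the file believed to be the root was issued by something that is not in the set.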