CA and Certificates



  • I have been trying to get Mobile IPSec using a PSK, and then with hybrid RSA + XAuth, and, when I couldn't get that working, OpenVPN to work. I was able to get the IPsec with PSK working, but have been unable to get Hybrid or OpenVPN working.

    I'm starting to think the problem might be with my certificates. All of the documentation seems to involve using the built-in self-signed certs, but I am trying to use our corporate wildcard certificate from DigiCert. I have successfully imported the CA, and also imported the intermediate cert just in case. I have no idea if I need that, and can't seem to find any documentation about this.

    I have also requested and imported a certificate based on those CAs for the FQDN I wish to use as the OpenVPN gateway.

    So,

    1. Do I need the intermediate cert from Digicert in the CA list?
    2. Is there a way to test if the cert I have imported is working?

    Thanks!



  • Using the internal CA and generating a self-signed cert in the OpenVPN wizard, I have successfully been able to connect. If someone could point me to a tutorial on creating a 3rd party CA and cert, I would be very thankful.