12-11-2018 03:58 PM
I’m having trouble getting the CA Bundle installed in my Duo Access Gateway.
I have the root certificate installed just fine, but when I try to install the bundle, it requires a corresponding private key.
All browsers but Firefox seem accept just the root certificate.
The instructions are to install the Certificate Bundle in the DAG so that all the intermediate certs are in there also.
Has anyone had this issue?
Gary
12-12-2018 06:43 AM
Hey @Gary,
Are you using the Windows or Linux Duo Access Gateway?
If using the Linux Duo Access Gateway you should be able to create a certificate file that in order (top to bottom) has the:
You should be able to then upload this and the private key as a separate file.
If using the Windows Duo Access Gateway you may need to contact the company you purchased your SSL certificate from to get them to provide it in the proper format. You could also try convert the PEM files into the proper PFX format by using OpenSSL
Let me know if you have any questions and thanks for being a Duo customer!
– Jamie
02-21-2019 07:33 AM
Hi Jamie, I ended up getting an FQDN cert for the DAG and I need to generate a CSR for it - how can I generate a CSR for the DAG?
02-22-2019 02:10 PM
I was able to generate the CSR for the new fqdn cert and I now have it. I’m back to the dreaded “Private key must match uploaded certificate.” Error when attempting to install to the DAG.
I’m importing the CA Bundle and the SSL Cert’s associated private key, do you know why I keep getting this error?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide