NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
FVS318N csr signed by Openssl intermediate CA not accepted
Hello all, I have a FVS318N router, frmware 4.3.4-2. I have generated a certificate signing request (CSR) from the firewall (SHA-1 + RSA2048). I have issued certificates: using openssl and my Intermediate CA certificate & PK. The firewal refuses to load this certificate. using openssl and an Root CA certificate. The firewal accepts this certificate. In both cases: no extended key usage SHA1 + RSA2048 both the Root and Intermediate CAs certificates are loaded as trusted CAs in the firewall both the Root and Intermediate CAs certificates are SHA1 + RSA2048 Questions: Are Intermediate CAs issued certificates supported the Netgear CSR? If yes, any tips? The certificate I have uploaded is used now for the administration interface, which is unwanted. I would want to add an IPSEC only certificate which does not interfere with the SSL certificate. What keyUsage/Extended key usage to add or exclude? The documentation refers to IPSEC VPN extKeyUsage (EKU). AFAIK the IPSEC specific EKUs have been deprecated long ago and should no longe be used. The IPSEC VPN OIDs are not mentioned in the Netgear doc, does anyone know what do they mean? Is there any way to grab more information (ie: logs) of what happens inside for certificate management? The firewall has a serial port and I still have a PC with a serail port on. Can it be told to log anything usefull there (or elsewhere)?