Barracuda Icon
Chat
Live Chat

Hi, I'm Rosa.
How may I help you?

How may I help you?

Click below to send us a Message

Support

A global support network of experts.
At your service.

Back to Knowledgebase

How should I install a wildcard certificate onto my Barracuda Networks product?

Solution #00000990


Scope:
This solution applies to all Barracuda Networks products, all firmware versions.

Answer:
Wildcard certificates are domain-level certificates. A regular SSL certificate will be limited to a specific hostname, but a wildcard certificate works for every hostname within a domain (which is why it's called a wildcard certificate). These can be distinguished from regular certifcates by looking at the hostname on the certificate. If the hostname begins with an asterisk, the certificate is a wildcard certificate.

In order to upload a wildcard certificate to the Barracuda unit, you will first need to upload a copy of the private key that is associated with the wildcard certificate. The Barracuda unit will otherwise reject the certificate as invalid. If the certificate is being pulled from a Windows workstation or server, the private key and certificate may be combined into a single PFX file, in which case they need to be extracted. You can do this using the OpenSSL utility, but you are unable, you can call Barracuda Networks Technical Support for assistance.

Once you have both the certificate and the private key in the X.509 format (each in their own file), you can upload them in one of two ways.

  1. The first and easiest way is to go to the Advanced > SSL or Advanced > Secure Administration page, and first upload the RSA private key using the Upload Backup SSL Private Key field. Then, once that has been uploaded, upload the certificate using the Upload Signed Certificate field. To begin using the certificate and key you've uploaded, select Trusted (Signed by a trusted CA) as the Certificate Type after you uploading the certificate, and click Save Changes.

  2. The alternate method is to open a new text file and paste both the certificate and the RSA private key into that file, RSA private key first, and upload that file. The file should look like this when you are finished:

-----BEGIN RSA PRIVATE KEY-----
(the private key, several lines of indecipherable text with no spaces)
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
(the signed certificate, several lines of indecipherable text with no spaces)
-----END CERTIFICATE-----

If you need to add any intermediate certificates, you should paste them in the same file, after the RSA private key and the signed certificate. Save the file, and upload it using the Upload Signed Certificate form on the Advanced > SSL or Advanced > Secure Administration page. To begin using the certificate and key you've uploaded, select Trusted (Signed by a trusted CA) as the Certificate Type after uploading the certificate, and click Save Changes.


Link to This Page:
http://www.barracuda.com/kb?id=50160000000GHEe