Endpoint Protection

 View Only

  • 1.  SEP 14 RU1: Unable to add certificate exception

    Posted Nov 23, 2017 05:11 AM

    Hi,

    I tried to add a certificate from one of our customers in my lab but got the message that the certificate is invalid (it's definitely not expired but I guess that's not the problem...). The hash algorithm is sha384 and it was issued by an intermediate CA.

    I was wondering if there are any documentaries about the requirements in order to add a certificate exception?

    It did work with a certificate I issued from my lab's root CA (sha384 as well as sha1).

    Thanks!

     



  • 2.  RE: SEP 14 RU1: Unable to add certificate exception

    Posted Nov 23, 2017 07:31 AM

    It needs to be in DER/BASE64 format. Is that the case with this one?



  • 3.  RE: SEP 14 RU1: Unable to add certificate exception

    Posted Nov 23, 2017 07:45 AM

    I guess so, at least it has a *.cer file extension.



  • 4.  RE: SEP 14 RU1: Unable to add certificate exception

    Posted Nov 23, 2017 07:53 AM

    If you open the cert in notepad and it begins with -----BEGIN CERTIFICATE----- then it's BASE 64. Otherwise, if it's all scrambled then it's DER. Which is it?

     



  • 5.  RE: SEP 14 RU1: Unable to add certificate exception

    Posted Nov 23, 2017 08:11 AM

    I only see an option for SHA1 so why this worked for you previously, I can't say. May need to engage support.

    -Brian



  • 6.  RE: SEP 14 RU1: Unable to add certificate exception

    Posted Nov 23, 2017 11:48 AM

    Duplicate thread:

    https://www.symantec.com/connect/forums/sep-14-ru1-unable-add-certificate-exception



  • 7.  RE: SEP 14 RU1: Unable to add certificate exception

    Posted Nov 24, 2017 07:50 AM

    Seems like the CN was missing in the certificate... works now. Thanks!