AstaroOS: Support intermediate CAs
in Webadmin, Userportal and Web Application Security.
The intermediate CAs will not be sent by the UTM to the client, so the CA path is broken and then some Browsers will not accept the cert.
We all need this to be fixed. Ten years ago, going self-signed was good enough. Since most certificates seem now to be offered using an intemediate ca, this needs to be implemented.
Rolf Müller commented
Or the other way round, if the UTM holds a intermediate ca, signed from an official one, then on sslvpn e.g. only the intermediate ca cert is used for server and client resulting in a broken cert-chain and no connection.
Please add support for all kinds of VPN-connections (Site-to-Site and Remote Access)
Karim Litefti commented
Even worse, the SSL ZIP package (available through the user portal) cannot be build for a user who has an external certificate which contains an intermediate CA.