We needed to get a SSL cert on our Barracuda Spam Firewall so we could get TLS encryption enabled. I found that adding the Cert was a bit more difficult to do as the documentation provided by barracuda provided. The key to being able to add a Trusted Cert to a Barracuda was having the cert in the PEM file format, something that I had not done before.
We have our certs stored as a PFX file with its private and public key stored with an encrypted password to protect it. As the Barracuda would not take a PFX file, I had to convert it from a PFX file to PEM files, one for public and one for private keys.
- To separate the certificate I used OpenSSL to do it. Download OpenSSL and install it.
- To Extract the private key from the PFX file:
openssl.exe pkcs12 -in SSLCert.pfx -nocerts -out privateKey.pem
- To Extract the public key from the PFX file:
openssl.exe pkcs12 -in SSLCert.pfx -clcerts -nokeys -out publicCert.pem
- To remove the password from the private key file:openssl.exe rsa -in privateKey.pem -out private.pem
- Change the SSL Certificate Configuration to Trusted
- For Upload Trusted Certificate: Set the certificate to publicCert.pem
- Set the Certificate Password - if you set one.
- For Private Key: Set the certificate to private.pem
- If there is a Intermediate Certificate, set the Certificate Chain Bundle to the intermediate certificate.
- Press Upload Certificate Information and then Save Changes