Using InstantSSL Cert for TLS on an email firewall

gbayse · August 19, 2006, 12:49am

A new vendor has noted that we are not using a “valid cert.” They are getting an invalid cert error and have sent us the following link asking if we can make any changed to resolve their problem connecting to us.

http://forum.java.sun.com/thread.jspa?threadID=304493&messageID=1224367

Specifically: We have a similar problem and have traced it to the client certificate containing the NetscapeCertType extension with the SSLServer bit set but not the SSLClient bit.

The problem goes away if the NetscapeCertType SSLClient bit is set in the certificate, or if the certificate does not use the NetscapeCertType extension (uses the X509v3 standard extension “Extended Key Usage” instead)

garry · August 21, 2006, 9:14am

Hi gbayse,

Contact the support team…they have lots of fixes for this type of issue.

Also, you might want to checkout the knowledgebase at http://support.comodo.com

jbyerson · February 16, 2007, 3:16am

Gary,

We are having very similar problem with InstanSSL Cert for TLS secure connection. The application seems not to be able to connect to the InstantSSL Cert server. If we use SSL connection, the problem goes away… Could you help to point out some of the posible options…

Thank you

garry · February 16, 2007, 11:23am

Hi,

The options are various, ranging from configuration issues to something in the certificate that the software might not like.

Your issue is presently with our level 2 support people.

Garry