Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Problem with Upload PEM certificate

Dear Mister

I tried today to upload certificates and keys, from FTP server toward ACE LB. This was the show:

CL-LB-ACE-02/C1# 

CL-LB-ACE-02/C1# crypto import ftp 172.23.107.5 admin dicom.cl.pem dicom.cl.pem

Password:

Passive mode on.

Hash mark printing on (1024 bytes/hash mark).

######

Successfully imported file from remote server.

Error: File not of recognized types - PEM, DER or PKCS12, import failed

Well. I have a little question.

a) The file is .PEM. Why is the reason for failed import?

b) I have a doubt. In this case we need to migrate certificates and key from the server toward the ACE.

The server is AIX IPLanet. The repository are  key3.db / cert8.db

In this case, what need to do the customer, in order to can migrate in PEM type toward the ACE.

Best Regards

4 REPLIES
New Member

Re: Problem with Upload PEM certificate

Hi Rodrigo,

I think you again need to generate CSR & Key on ACE.

1. We need to provide CSR & key to CA.

2. CA provides us the certicate and that we need to upload on ACE.

Please go through the below URL

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A2/configuration/ssl/guide/aceSSLgd.pdf

Regards

Bronze

Re: Problem with Upload PEM certificate

Hi Rodrigo,

If the file is PEM, you should be able to open the file using notepad.  Open the file copy all the output and use this command:

#crypt import terminal {cert_name}

Paste the output from notepad

---------------------
Cesar R
ANS Team

--------------------- Cesar R ANS Team
New Member

Problem with Upload PEM certificate

I've experienced this error before on several occasions.  As Cesar mentions first make sure you can open the file.  In some cases it can be corrupt.  The other time I've seen this problem is if there is a password in which case you need to add the passphrase statement to your crypto import line.

Cisco Employee

Problem with Upload PEM certificate

Hi Rodrigo,

It is possible that the key is encrypted with a password.

Please follow the steps as described in the link below in order to decrypt the key.

http://support.citrix.com/article/CTX122930

Many times just a extra line or space can corrupt the certificate.

Let me know if that helps.

regards,

Ajay Kumar

729
Views
0
Helpful
4
Replies