09-25-2007 06:04 AM - edited 03-05-2019 06:41 PM
Hi,
I am having some problems getting my certificate to work on my CSS. Here is what I have done:
1. Generated a CSR
ssl genrsa MyKey 1024 "MyPassword"
2. Associated the key pair
ssl assoc rsakey MyKeyAssoc MyKey
3. Generated a CSR
ssl gencsr MyKeyAssoc
and I sent this off to my provider, and got a certificate in return... the file was renamed as a .txt file, so I renamed it .der and did the following:
4. Copy Cert on to Content Switch
copy ssl ftp my-record import MyCertName.der DER "MyPassword"
5. Associate the Cert (HERE IS THE PROBLEM...)
ssl assoc cert MyCertNameAssoc MyCertName.der "MyPassword"
Here it comes back with an error of "Not a valid key or certificate file"
Any ideas?.........
09-25-2007 06:22 AM
Could you check if the RSA key was passphrase protected ? If so, then on import you need to specify the passphrase as the *second* key argument, like so :
copy ssl ftp DEFAULT_FTP import rsakey.pem PEM "mypassword" "passphrase"
If not, the CSS will not complain on import but will consider the RSA key invalid when you try to associate it. The first key argument ("mypassword") is the password used to DES encrypt the RSA-key before writing it to the CSS' permanent storage.
Regards,
~JG
09-25-2007 07:37 AM
No:- there is no passphrase associated with the key.
I am thinking it is a problem around the format of the cert: I generated the CSR in .pem format, my provider are returning a cert in .cer format, which I rename .pem before importing.
It imports fine, but does not allow me to associate it?...
09-26-2007 06:40 AM
Can anyone help here??
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide