Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3069
Views
5
Helpful
6
Replies

Importing an SSL Cert on SG500X

Go to solution
Steve Galambos
Level 1
Level 1

‎10-06-2013 10:07 AM

I'm trying to use SSL certs signed by out internal CA on all of our SG500X and SG500 switches, the manual is a little vague on the actual process import process, I generated the request from the switch without specifying a new key(so I assume it used the default), submitted the request to my CA and downloaded the cert. Since the import option doesn't allow importing the cer file, I opened it up with a text editor and copied the cert including the begin and end markers, when I submit it I get the error: SSL can't import certificate - conversion of input to certificate failed.

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
6 Replies 6

Go to solution
Tom Watts
VIP Alumni
VIP Alumni

‎10-06-2013 11:17 AM

Hi Steve, I've had mixed success with the SSL certs using the GUI.You may want to try to input the cert through the CLI.

#configure terminal

(config)# crypto certificate <1-2> import

it gives you a prompt

Please paste the input .... etc

Paste the certificate and at the end add a period "."

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

Go to solution
Steve Galambos
Level 1
Level 1
In response to Tom Watts

‎10-06-2013 11:53 AM

I just tried importing the cert through CLI too, and get the same error, is there anything that needs to be done before import? I'm working with a base-64 encoded cert file that was issued by our internal Windows CA.

0 Helpful

Go to solution
Tom Watts
VIP Alumni
VIP Alumni
In response to Steve Galambos

‎10-06-2013 03:54 PM

Steve, there shouldn't be anything special about it. Do you use a firmware newer than 1.2.7.76? (1.3.0.59 or 1.3.0.62)

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

Go to solution
Steve Galambos
Level 1
Level 1
In response to Tom Watts

‎10-06-2013 04:14 PM

Tom,

I'm on firmware 1.3.0.62

Thanks!

0 Helpful

Go to solution
Steve Galambos
Level 1
Level 1
In response to Nagaraja Thanthry

‎10-07-2013 05:23 AM

When I followed the step-by-step entirely it imported the cert fine through the GUI, when I was trying it previously I wasn't editing the self-signed cert prior to generating the request to submit to the CA, I'm not sure why that made a difference but it worked on all 5 of my stacks if I did it first.

0 Helpful
Customers Also Viewed These Support Documents