Trouble installing SSL certificate
Posted: Wed Jul 25, 2018 9:36 pm
Hello,
I'm having trouble installing a certificate where the key and csr was created using openssl and the cert was purchased from DigiCert. This is for an existing installation that I've loaded an ssl on previously. At that time I documented my steps, but they no longer work and I just get a generic "Invalid SSL certificate" error when trying to add a certificate. Here are some specifics that may help you help me.
1) The cert is a wildcard cert.
2) The CSR was created using: openssl genrsa -aes256 -out "myCertificate.key" -passout pass: "My Password" 2048
3) The csr was used to purchase a signed cert from Digicert as an x509 certificate. The format has been confirmed using openssl.
4) The cert was purchased as a SHA2 cert with SHA2 intermediate, and SHA1 root.
5) The key file is password protected, the password has been verified with openssl.
6) I appended the intermediate certs after my CA signed cert.
7) I have tried adding without the intermediate certificates appended.
8) The cert installs fine in another device (Brocade load balancer)
9) The cert and key when compiled into a pfx file install into an IIS site.
10) The cert was purchased as a SHA2 cert with SHA2 intermediate, and SHA1 root.
11) I've compared file permissions to the working cert and see no defference.
12) I've tried stopping the WingFTP server, manually editing the settings file and restarting. The certificate displays with the red warning.
13) The cert is already in use on other devices and systems, so recreating the csr using WingFTP and replacing the certificate would be a last resort. If I need to do this I would like to know why so that I can document it for the next guy.
I've looked at the server logs and they don't give me any info above the generic "Invalid SSL certificate" message. Are there any detailed logs I can view or is there a way to enable a detailed trace of the error?
Any help would be appreciated, thank you.
John
I'm having trouble installing a certificate where the key and csr was created using openssl and the cert was purchased from DigiCert. This is for an existing installation that I've loaded an ssl on previously. At that time I documented my steps, but they no longer work and I just get a generic "Invalid SSL certificate" error when trying to add a certificate. Here are some specifics that may help you help me.
1) The cert is a wildcard cert.
2) The CSR was created using: openssl genrsa -aes256 -out "myCertificate.key" -passout pass: "My Password" 2048
3) The csr was used to purchase a signed cert from Digicert as an x509 certificate. The format has been confirmed using openssl.
4) The cert was purchased as a SHA2 cert with SHA2 intermediate, and SHA1 root.
5) The key file is password protected, the password has been verified with openssl.
6) I appended the intermediate certs after my CA signed cert.
7) I have tried adding without the intermediate certificates appended.
8) The cert installs fine in another device (Brocade load balancer)
9) The cert and key when compiled into a pfx file install into an IIS site.
10) The cert was purchased as a SHA2 cert with SHA2 intermediate, and SHA1 root.
11) I've compared file permissions to the working cert and see no defference.
12) I've tried stopping the WingFTP server, manually editing the settings file and restarting. The certificate displays with the red warning.
13) The cert is already in use on other devices and systems, so recreating the csr using WingFTP and replacing the certificate would be a last resort. If I need to do this I would like to know why so that I can document it for the next guy.
I've looked at the server logs and they don't give me any info above the generic "Invalid SSL certificate" message. Are there any detailed logs I can view or is there a way to enable a detailed trace of the error?
Any help would be appreciated, thank you.
John