Security

Reply
Regular Contributor I
Posts: 188
Registered: ‎03-22-2013

Importing a new https ssl cert... problems.

Im trying to upload a new ssl wildcard https server cert as our runs out in a week or so, and keep getting this error:

 

Certificate chain is invalid. The expected order is Policy Manager Server, Sub CA and Root CA certificates

 

The cert is from digicert, and both te root and intermediate certs are already installed and expire in 2031 and 2023 respectively.  Ive also been on the digicert website and verified that the serial of the installed ones matches the currently available ones.  So I was hoping I could simply import a new cert... 

 

The format of the cert is a pfx and I have used openssl to extract both the key and the cert, and tried to import them, and get presented with tte above error.  

 

Based on the error, I assume the system is confirming that the installed root and intermed certs do not match the issued cert?  Yet they seem to have been fine the last couple of years, and the certs on digicert website seem to match what we have installed.

 

I dont know anything about certs, and find it all a bit mind boggling.. 

 

Can anyone pont me in the right direction?

 

Cheers

Guru Elite
Posts: 20,992
Registered: ‎03-29-2007

Re: Importing a new https ssl cert... problems.

What are you trying to import the certificate into?  Controller, IAP, ClearPass?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor I
Posts: 188
Registered: ‎03-22-2013

Re: Importing a new https ssl cert... problems.

It was the Clearpass https server cert.. but after several attempts, and extractions.. managed to find the right combo that worked.

I think the pfx file we had incorporated several certs, so I had to split them and import them, and that did the trick!

Thanks anyway


********************************************************************************************************************

Disclaimer
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.
Any views or opinions presented are solely those of the author and do not necessarily represent those of the Trust unless explicitly stated otherwise.
If you have received this e-mail in error please delete it and contact the University Hospital Southampton NHS Foundation Trust Helpdesk on:- 023 8120 6000
The information contained in this e-mail may be subject to public disclosure under the Freedom of Information Act 2000.
Unless the Information is legally exempt from disclosure, the confidentiality of this e-mail and your reply cannot be guaranteed.
This footnote also confirms that this email message has been checked for computer viruses.
Please visit our website at http://www.uhs.nhs.uk

Think of the environment. Please avoid printing this e-mail unnecessarily.
Search Airheads
Showing results for 
Search instead for 
Did you mean: