I'm getting an error when trying to upload a pem file created using the directions in this article - https://community.arubanetworks.com/t5/Controller-less-WLANs/How-to-Create-a-Certificate-for-Instant-Captive-Portal-using/ta-p/277025.
The error I get when I attempt to upload is "cert_upload_error_in_rsa_key_validation_-_-14_txt". I have tried the process outlined in the article above multiple time thinking I must be doing something wrong. I've scoured the internet for this error message and get no results. Does anyone know what my problem might be?
Thanks in advance!
Do you have your key encrypted like in the referred document? Could it be that the passphrase is incorrect? Or that the key and the certificate don't match up?
If there is someone you trust to share the file with that you try to upload, it's probably a logical reason. With just the error, it is hard to solve.
Your Aruba partner, or Aruba support should be able to help you to assist with this.
What I do is:
-----BEGIN PRIVATE KEY-----
Private key here; I assume it can be a the end as well, I prefer to stick it here. It can be encrypted or unencrypted, if encrypted the passphrase should match
-----END PRIVATE KEY-----
Server certificate here, issued by intermediate 1
Intermediate 1 certificate here, issued by the root CA
You should not need to include the root CA, it should not really hurt or prevent the certificate from loading. What possibly does prevent the certificate from loading can be any additional text in between the ---END-- and ---BEGIN--- lines. When you export with openssl, it can put additional certificate information in text. Remove all that additional stuff.
If you have additional intermediates, put them in order from the server cert (intermediate that issued the server cert first after the sever cert) to the root (intermediate issued by the CA root as last).
i m running in the same issue, did you solve that problem ?
Thanks for your response. I've tried the private key both encrypted and unencrypted. I tested the cert and private key to make sure they match using openssl and they do match.
There are a number of articles that outline how to do this and they all seem to contradict themselves in one way or another. If I had to guess, I think my problem is the formatting of the file I'm trying to upload. I've tried to put the certificates in the pem file in different orders to no avail. Can you tell me the proper order to place the certs (Public, Intermediate, Root, Private Key?) and does if have to have the .pem extension or can it be .crt? I've tried .pfx format and that didn't work.
I just read that I only need the public cert and private key also but haven't tried that. Do you know if this is true?
Thanks again for any help!
I have not. Did you get your certificate from GoDaddy? I'm not sure what the problem is. I inherited this wireless network so I'm beginning to think there is something else wrong that is causing this. I've tried everything I can think of. If you figure it out I'd appreciate knowing what you did. I'll do the same if I figure it out.
The issue appeared to be a formatting issue in the import file. Some generic recommendations if you get import errors:
- line-ends in the import file should be either DOS (CR+LF) or UNIX (LF). If you create the file on a UNIX system or MAC, or in Notepad on Windows, that should be good. With Notepad++ on Windows, you can select the line-ends.
- When you receive certificates, sometimes there is a header that describes the certificate. Make sure that your import file has only the certificates itself as I showed above:
-----BEGIN RSA PRIVATE KEY-----
MII.......<Private key here; I assume it can be a the end as well, I prefer to stick it here. It can be encrypted or unencrypted, if encrypted the passphrase should match>............BJD1DnCs2W
-----END RSA PRIVATE KEY-----
MIIEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNVBAYTAlVT<Server certificate here, issued by intermediate 1>
MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp<Intermediate 1 certificate here, issued by the root CA>GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2xLXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB
Remove everything that is in front of the BEGIN or after the END lines of the initial file so you only keep like the example above with END and BEGIN lines head-to-head without anything in between.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.