Network Management

Hi all,

I'm having an issue installing a signed ssl cert on Airwave. I generated a CSR, got the cert signed and received the signed cert back in .p7b format. I converted this cert to pem with the .crt extension. When I view the certificate everything looks fine on my host (full cert chain, correct CN etc.) I then uploaded it to Airwave.

When I try install the certificate I get the following error:

Your choice: 1
No Trusted Certificate found in the DB.
No Trusted Certificate found in the DB.

Invalid certificate format.

I've tried .cer extension just incase, and I've made sure the formatting of the file is correct and the file has be converted and uploaded a number of times. I'm not sure what is causing this issue?

------------------------------
Cethern Reid
------------------------------

There should be something wrong with what you have in the PEM file. Did you generate the CSR on the Airwave or externally? If generated externally, you should use a p12 that includes the private key.

Also, did you upload the root CA that signed this certificate to Airwave? What the message may be telling is that Airwave does not know the RootCA (which should not be required, but is an additional check that you upload a proper chained certificate):


------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
------------------------------

Original Message:
Sent: Feb 24, 2021 12:58 PM
From: Cethern Reid
Subject: Issue adding SSL cert to Airwave 8.2.11.2

Hi all,

I'm having an issue installing a signed ssl cert on Airwave. I generated a CSR, got the cert signed and received the signed cert back in .p7b format. I converted this cert to pem with the .crt extension. When I view the certificate everything looks fine on my host (full cert chain, correct CN etc.) I then uploaded it to Airwave.

When I try install the certificate I get the following error:

Your choice: 1
No Trusted Certificate found in the DB.
No Trusted Certificate found in the DB.

Invalid certificate format.

I've tried .cer extension just incase, and I've made sure the formatting of the file is correct and the file has be converted and uploaded a number of times. I'm not sure what is causing this issue?

------------------------------
Cethern Reid
------------------------------

Hi Herman,

Thanks for the reply, you have solved my issue!

I generated the CSR on Airwave and was uploading via CLI. I was not aware that it was a requirement to install the CA via the GUI and then install the signed SSL cert via CLI, the "incorrect format" error through me off.

I uploaded the Intermediate and root CA certs via GUI as shown in your reply and then installed the signed cert via CLI and the cert installed successfully. 

Thanks again!
Original Message:
Sent: Mar 02, 2021 04:47 AM
From: Herman Robers
Subject: Issue adding SSL cert to Airwave 8.2.11.2

There should be something wrong with what you have in the PEM file. Did you generate the CSR on the Airwave or externally? If generated externally, you should use a p12 that includes the private key.

Also, did you upload the root CA that signed this certificate to Airwave? What the message may be telling is that Airwave does not know the RootCA (which should not be required, but is an additional check that you upload a proper chained certificate):


------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Feb 24, 2021 12:58 PM
From: Cethern Reid
Subject: Issue adding SSL cert to Airwave 8.2.11.2

Hi all,

I'm having an issue installing a signed ssl cert on Airwave. I generated a CSR, got the cert signed and received the signed cert back in .p7b format. I converted this cert to pem with the .crt extension. When I view the certificate everything looks fine on my host (full cert chain, correct CN etc.) I then uploaded it to Airwave.

When I try install the certificate I get the following error:

Your choice: 1
No Trusted Certificate found in the DB.
No Trusted Certificate found in the DB.

Invalid certificate format.

I've tried .cer extension just incase, and I've made sure the formatting of the file is correct and the file has be converted and uploaded a number of times. I'm not sure what is causing this issue?

------------------------------
Cethern Reid
------------------------------

I was trying to test a signed cert from Cloudflare with no luck. I wanted to get it working in a lab before I tried on a production server with a different CA

------------------------------
Rick Rogan
------------------------------

Original Message:
Sent: Mar 02, 2021 04:47 AM
From: Herman Robers
Subject: Issue adding SSL cert to Airwave 8.2.11.2

There should be something wrong with what you have in the PEM file. Did you generate the CSR on the Airwave or externally? If generated externally, you should use a p12 that includes the private key.

Also, did you upload the root CA that signed this certificate to Airwave? What the message may be telling is that Airwave does not know the RootCA (which should not be required, but is an additional check that you upload a proper chained certificate):


------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Feb 24, 2021 12:58 PM
From: Cethern Reid
Subject: Issue adding SSL cert to Airwave 8.2.11.2

Hi all,

I'm having an issue installing a signed ssl cert on Airwave. I generated a CSR, got the cert signed and received the signed cert back in .p7b format. I converted this cert to pem with the .crt extension. When I view the certificate everything looks fine on my host (full cert chain, correct CN etc.) I then uploaded it to Airwave.

When I try install the certificate I get the following error:

Your choice: 1
No Trusted Certificate found in the DB.
No Trusted Certificate found in the DB.

Invalid certificate format.

I've tried .cer extension just incase, and I've made sure the formatting of the file is correct and the file has be converted and uploaded a number of times. I'm not sure what is causing this issue?

------------------------------
Cethern Reid
------------------------------

Rick,

Have you generated CSR in Airwave or external server? Does certificate which you are trying to upload have complete chain?

Chain flow.
Server cert
Intermediate CA
root CA
Private key (if CSR generated outside Airwave, if generated in Airwave, key present in server only)

------------------------------
Pavan Arshewar
Principal Network Engineer

If my post addresses your query, give kudos!
------------------------------

Original Message:
Sent: Mar 08, 2022 10:42 AM
From: Rick Rogan
Subject: Issue adding SSL cert to Airwave 8.2.11.2

I was trying to test a signed cert from Cloudflare with no luck. I wanted to get it working in a lab before I tried on a production server with a different CA

------------------------------
Rick Rogan

Original Message:
Sent: Mar 02, 2021 04:47 AM
From: Herman Robers
Subject: Issue adding SSL cert to Airwave 8.2.11.2

There should be something wrong with what you have in the PEM file. Did you generate the CSR on the Airwave or externally? If generated externally, you should use a p12 that includes the private key.

Also, did you upload the root CA that signed this certificate to Airwave? What the message may be telling is that Airwave does not know the RootCA (which should not be required, but is an additional check that you upload a proper chained certificate):


------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Feb 24, 2021 12:58 PM
From: Cethern Reid
Subject: Issue adding SSL cert to Airwave 8.2.11.2

Hi all,

I'm having an issue installing a signed ssl cert on Airwave. I generated a CSR, got the cert signed and received the signed cert back in .p7b format. I converted this cert to pem with the .crt extension. When I view the certificate everything looks fine on my host (full cert chain, correct CN etc.) I then uploaded it to Airwave.

When I try install the certificate I get the following error:

Your choice: 1
No Trusted Certificate found in the DB.
No Trusted Certificate found in the DB.

Invalid certificate format.

I've tried .cer extension just incase, and I've made sure the formatting of the file is correct and the file has be converted and uploaded a number of times. I'm not sure what is causing this issue?

------------------------------
Cethern Reid
------------------------------

Hi Pavan,
I'm not sure about the chain I assume I probably need to do more?

Just to recap what I have done:  also note I am doing this in Airwave version 8.2.13.1

1. I created the CSR from the ampadmin menu.
2. I pasted into Cloudflare to get my origin cert.
3. I saved as pem encoded with .crt extension
4. Uploaded the file from the ampadmin menu
5. Tried installing from the ampmenu but get an error saying: Invalid certificate format

This is as far as I got. I have been referencing the Airwave user guide but have had no luck.

Rick

------------------------------
Rick Rogan
------------------------------

Original Message:
Sent: Mar 09, 2022 06:46 AM
From: Pavan Arshewar
Subject: Issue adding SSL cert to Airwave 8.2.11.2

Rick,

Have you generated CSR in Airwave or external server? Does certificate which you are trying to upload have complete chain?

Chain flow.
Server cert
Intermediate CA
root CA
Private key (if CSR generated outside Airwave, if generated in Airwave, key present in server only)

------------------------------
Pavan Arshewar
Principal Network Engineer

If my post addresses your query, give kudos!

Original Message:
Sent: Mar 08, 2022 10:42 AM
From: Rick Rogan
Subject: Issue adding SSL cert to Airwave 8.2.11.2

I was trying to test a signed cert from Cloudflare with no luck. I wanted to get it working in a lab before I tried on a production server with a different CA

------------------------------
Rick Rogan

Original Message:
Sent: Mar 02, 2021 04:47 AM
From: Herman Robers
Subject: Issue adding SSL cert to Airwave 8.2.11.2

There should be something wrong with what you have in the PEM file. Did you generate the CSR on the Airwave or externally? If generated externally, you should use a p12 that includes the private key.

Also, did you upload the root CA that signed this certificate to Airwave? What the message may be telling is that Airwave does not know the RootCA (which should not be required, but is an additional check that you upload a proper chained certificate):


------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Feb 24, 2021 12:58 PM
From: Cethern Reid
Subject: Issue adding SSL cert to Airwave 8.2.11.2

Hi all,

I'm having an issue installing a signed ssl cert on Airwave. I generated a CSR, got the cert signed and received the signed cert back in .p7b format. I converted this cert to pem with the .crt extension. When I view the certificate everything looks fine on my host (full cert chain, correct CN etc.) I then uploaded it to Airwave.

When I try install the certificate I get the following error:

Your choice: 1
No Trusted Certificate found in the DB.
No Trusted Certificate found in the DB.

Invalid certificate format.

I've tried .cer extension just incase, and I've made sure the formatting of the file is correct and the file has be converted and uploaded a number of times. I'm not sure what is causing this issue?

------------------------------
Cethern Reid
------------------------------