Wireless Access

last person joined: 40 minutes ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Certificate Upload Error

This thread has been viewed 16 times
  • 1.  Certificate Upload Error

    Posted 22 days ago

    I'm using Aruba Instant (ArubaOS and trying to renew a server certificate.

    I have a x509 certificate (pem format) and RSA private key (pem). I tried to upload a Server cert by following the manual. But I'm getting an error that says "Convert certificate error".

    Authentication Certificates

    Is there anyone having the same problem? The manual says very little about how to prepare a Server certificate. It only mentions a "Public" certificate, which is apparently a different thing. I guess that I'm supposed to concatenate the certificate pem and private key pem into one text file and upload it? I tried various combinations, double checked if my passphrase is correct, etc. with no luck.

    I'd appreciate if anyone gives me a right direction.

    Thank you very much,

    Certificate Upload screen:

    Error message:

    Yusuke Shinyama

  • 2.  RE: Certificate Upload Error

    Posted 20 days ago
    Please try to rename the certificate to .pem extension and make sure it is built up like:
    -----BEGIN PRIVATE KEY-----
    ....  Private key here; can be encrypted as well
    -----END PRIVATE KEY-----
    ....  Server certificate here
    -----END CERTIFICATE-----
    ....  Intermediate certificate here
    -----END CERTIFICATE-----​

    That should work.

    Herman Robers
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

  • 3.  RE: Certificate Upload Error

    Posted 19 days ago
    Thank you!
    It turned out that the private key I had was in RSA format, as it starts with -----BEGIN RSA PRIVATE KEY----- while
    it had to be in PKCS#8 format. (Your example gave me a clue.)

    I converted the key with the following command:
    $ openssl pkcs8 -topk8 -inform PEM -outform PEM -in rsa.key -out pkcs8.key
    Then concatanate the whole thing:
    $ cat pkcs8.key server.cer intermediate.cer > toupload.cer
    ​Which worked!

    Thanks again.

    Yusuke Shinyama