No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

RSE6500 - Failed to import the HTTPS certificate

Publication Date:  2018-10-03 Views:  101 Downloads:  0
Issue Description

Customer encountered an error where he could not import the HTTPS certificate on the RSE6500. When he imported the certification file via the web interface of the RSE6500 he received the error: "Failed to analyze the content of the certificate"

Handling Process

In order to further troubleshoot the reported issue we have requested the following information from the customer

 - Firmware version of the RSE6500  V500R002C00SPCd00

 - Logs  exported from the web interface by going to System > System Settings > Export > Log File and click on Export log

- Initial private key (.key) file and certificate (.crt) and also the .pem file that needs to be imported into the RSE6500


After we have analyzed the log we ahve noticed that the issue regarding the HTTPS certificate was described as :


03/10/2018 10:49:11        INFO        BNMS, User(admin) import HTTPS CRT certificate. result is fileContentWrong

Afterwards we have used the OpenSSL tool in order to compare the .crt key and the private key to make sure they match





Root Cause

After we have made sure that they match we have opened the .PEM file that needs to be imported and noticed that the content of the file appears to be a Windows host log as it can be seen below:


# Copyright (c) 1993-2009 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

#      102.54.94.97     rhino.acme.com          # source server

#       38.25.63.10     x.acme.com              # x client host

 

# localhost name resolution is handled within DNS itself.

#      127.0.0.1       localhost

#      ::1             localhost

192.168.1.146 activedirectory

192.168.1.70  ts

192.168.1.70  wingsm

192.168.1.131 sql2008

192.168.1.230 CDUBOIS

192.168.1.64  saphcrm

192.168.1.154 frontal2


Solution

Since the .crt file already contained the private key we have renamed the .crt file into a .pem file and tried importing the certificate into our lab environment and no issues were encountered as you can see below:




END