This resulted from a mismatch between the hash of the requested cert, and the originally generated (signed) certificate.
This means the details in the Private key (original to the self-signed certificate created as per the instructions in KB TECH221433) do not match the Public Key for which the customer's CA cert has been created.
Ensure that CSR includes correct details for the certificate - matching the company name exactly, otherwise the handshake will show a different size of the request when matched to the signed certificate: e.g., appending "LLC" to the company name is enough to change the result.
In this case, it is necessary to recreate the self-signed certificate as per instructions in KB TECH221433 and ensure that the -dname parameters match exactly those for which the certificate request is being made. Note that there is an attachment to KB TECH221433 which gives examples of the steps required.
Imported Document ID: TECH218840
Subscribing will provide email updates when this Article is updated. Login is required.