Error "Please upload a valid certificate in PEM format." while importing SSL cert on Security Analytics
search cancel

Error "Please upload a valid certificate in PEM format." while importing SSL cert on Security Analytics

book

Article ID: 169345

calendar_today

Updated On:

Products

Security Analytics

Issue/Introduction

When the SSL certificate on the SA appliance is uploaded by itself, the current SSL private key on the SA must match it. The normal situation for this would be the case when an expired certificate is replaced with a new certificate based on the same private key.
 

Cause

Certificate is not in PEM format, or does not match the existing private key running on the system.

Resolution

If a the new certificate does not match the current private key running on the system, both the correct key and the new certificate need to be uploaded to the appliance at the same time.

The certificate can be verified from the command line with

/gui/dsweb/System/system_master/verifySSLFiles.php '/etc/pki/tls/private/localhost.key' '/home/admin/southern/Your_New_Certificate_Here.pem'

If the certificate is already in PEM format but this error is received, upload both the certificate and its matching private key at the same time to resolve.

The restart of the HTTPd service on the SA appliance may take up to 5 minutes. Also, the help pages are very clear on how to do this from the CLI and the GUI.

Powered by Wolken Software