Problem Importing X.509 CA Key file

Home Page Forums Network Management ZeroShell Problem Importing X.509 CA Key file

This topic contains 1 reply, has 0 voices, and was last updated by  ovanzandwijk 9 years, 9 months ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #42098

    ovanzandwijk
    Member

    Hi All,

    I have a problem importing the self generated PEM CA key on the Setup tab of the X.509 CA interface. I used the script CA.pl from the OpenSSL distribution (windows build) without any changes. I used the manual on the following webpage: http://www.ipsec-howto.org/x595.html.

    As I want to use the self generated CA for my Exchange Server certificates and for my ZeroShell implementation, I wanted to import the CA on the mentioned page.

    However, I get a “ERROR: not valid Key source file” as a response. The certificate itself seems to import just fine, or it is not read at all. I don’t know.

    I would like to know the requirements for the key source file so that I can upload a valid one. I rather not generate the CA cert from ZeroShell and use that for my Exchange certificate. This might be a workaround, but I would really like to be able to import the CA.

    Thanks.

    #49274

    imported_fulvio
    Participant

    The certificate and the private key have to be in base64 format (generally files with .pem extension) to be correctly imported in Zeroshell.

    Regards
    Fulvio

    #49275

    ovanzandwijk
    Member

    The problem was that there was a passphrase on the key file. Using the mentioned scripts I was forced add a passphase of at least 4 characters. I solved it by executing the following command:

    openssl rsa -in cakey.pem -out cakey_nopass.pem

    And uploading the new cakey_nopass.pem file without the passphrase.

    Regards,
    Olaf

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.