ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Error: "Extended Key Usage information is present and it indicates that the certificate does not support client authentication" when installing SSL certificates

book

Article ID: 161456

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

When trying to install a self signed certificate on the advanced tab of the targeted agent settings page you receive the following error.

The Extended Key Usage information is present and it indicates that the certificate does not support client authentication.

Cause

This error will be shown if you have created your own self signed certificate with IIS and are not using the one that Symantec creates during installation. When you create a self signed certificate with IIS the default is only a Server Authentication certificate, the self signed certificate created by Symantec during installation handles both Server Authentication and Client Authentication. You can see this if you open the certificate with MMC (Microsoft Management Console) and load the certificate snap-in. After opening the certificate click on the details tab and look for the Enhanced Key Usage field and you should see "Client Authentication (1.3.6.1.5.5.7.3.2)". If the certificate does not contain this field you will get the error.

Resolution

Use the self signed certificate that was created with the installation of the product or create a new certificate with the appropriate fields.

 

 

 

 

Attachments