Error "Please upload a valid certificate in PEM format." while importing SSL cert on Security Analytics
Article ID: 169345
Updated On: 04-08-2022
Products
Security Analytics
Issue/Introduction
When the SSL certificate on the SA appliance is uploaded by itself, the current SSL private key on the SA must match it. The normal situation for this would be the case when an expired certificate is replaced with a new certificate based on the same private key.
Cause
Certificate is not in PEM format, or does not match the existing private key running on the system.
Resolution
If a the new certificate does not match the current private key running on the system, both the correct key and the new certificate need to be uploaded to the appliance at the same time.
The certificate can be verified from the command line with
/gui/dsweb/System/system_master/verifySSLFiles.php '/etc/pki/tls/private/localhost.key' '/home/admin/southern/Your_New_Certificate_Here.pem'
If the certificate is already in PEM format but this error is received, upload both the certificate and its matching private key at the same time to resolve.
The restart of the HTTPd service on the SA appliance may take up to 5 minutes. Also, the help pages are very clear on how to do this from the CLI and the GUI.
Feedback
Was this article helpful?
Yes
No
Powered by
