Top Secret Digital Certificate receives TSS1501E - No private key, DSN shows a Private key

book

Article ID: 222121

calendar_today

Updated On:

Products

CA Top Secret

Issue/Introduction

Import of a Certificate in PEM File shows the certificate having both a public and private key:
----BEGIN CERTIFICATE----- 
certificate public key information
contained between begin and end 
certificate
 -----END CERTIFICATE-----              
 -----BEGIN ENCRYPTED PRIVATE KEY-----
certificate private key information contained
between the begin and end  encrypted
private key
-----END ENCRYPTED PRIVATE KEY-----

When the certificate is ADDED to an acid it only shows having a public key.
An Export receives TSS1501E - No Private Key Exists

Environment

Release : 16.0

Component :

Resolution

The certificate in the PEM file was in two separate parts instead of in one complete certificate containing both the private and public key.
 The below dataset contains two files:
----BEGIN CERTIFICATE----- 
certificate public key information
contained between begin and end 
certificate
 -----END CERTIFICATE-----              
 -----BEGIN ENCRYPTED PRIVATE KEY-----
certificate private key information contained
between the begin and end  encrypted
private key
-----END ENCRYPTED PRIVATE KEY-----
A CHKCERT will show the certificate only having a public key.  Top Secret will not recognize the second file in the dataset.
The certificate needs to be in either FORMAT(PKCS12DER) or FORMAT(PKCS12B64) and in one file which will start with:
----BEGIN CERTIFICATE----- 
and end with:

-----END CERTIFICATE-----