A certificate key is generated in PAM, its CSR downloaded and a valid certificate is received from the Certification Authority

After successful verification that all is correct by means of the following commands, for instance

openssl x509 -noout -modulus -in certificate.crt | openssl md5
openssl rsa -noout -modulus -in privateKey.key | openssl md5
openssl req -noout -modulus -in CSR.csr | openssl md5

Trying to upload the certificate to the instance where the key resides and subsequent validation results still in an error

Release :CA PAM all releases

One of the possible reasons for this is that the certificate file does not have the right extension and name. 

Please make sure the certificate received from the CA authority is named the same as the key which is created in PAM and that its extension is of type crt. Otherwise it may not pick it up properly