"Failed to parse PEM block, ERROR: x509: malformed tbs certificate" error when trying to import an externally signed SSL certificate in Cloud Director Object Storage Extension
Article ID: 320457
Updated On: 12-04-2024
Products
VMware Cloud Director
Issue/Introduction
Symptoms:
- You cannot import a certificate in Cloud Director Object Storage Extension.
- Using the command ose cert import will fail in version 2.2.1.
- You receive an ERROR: decode message when attempting to import a certificate into Cloud Director Object Storage Extension.
- The Object Storage Extension service will not start following a replacement of the certificates
- Access keeper: load certificate from a file, ERROR: decode PEM, ERROR: pkcs12: unknown digest algorithm: 2.16.840.1.101.3.4.2.1.
- OSE can not be auto-started as the Certificate has failed
Environment
VMware Cloud Director 10.x
Cause
This is a known issue in Object Storage Extension 2.2.1.
This issue occurs when leveraging OpenSSL versions greater than 1.x to generate the SSL Certificate.
This issue occurs when leveraging OpenSSL versions greater than 1.x to generate the SSL Certificate.
Resolution
This issue is resolved in Object Storage Extension 2.2.2 found at Broadcom Downloads .
If you cannot upgrade, please review the Workaround section below.
Workaround:
If you are not in a position to upgrade Object Storage Extension, you will need to downgrade the version of OpenSSL used to generate the certificate.
Once you are using a version 1.x or less, revisit the steps in the documentation to export and import the certificate into Object Storage Extension.
Install VMware Cloud Director Object Storage Extension
Additional Information
Feedback
Was this article helpful?
Yes
No
Powered by
