NSX Application Platform Automation Appliance deployment wizard fails with an Error message when attempting to input a Harbor certificate,
Error Importing multiple CA certificate without leaf certificate is not allowed (Error code 2024)
NAPP 4.2
NSX Application Platform Automation Appliance deployment wizard is expecting a leaf certificate (a certificate that is issued by a trusted Certificate Authority) and is not allowing the import of multiple CA certificates without a leaf certificate.
To resolve this issue, push the server.crt first and then the harbor_ca.crt files to the NSX Application Platform Automation Appliance deployment wizard in a single attempt.
This will allow the wizard to import the leaf certificate and the CA certificate correctly, resolving the error.
SSH to Harbor and retrieve the certificate, which is named server.crt and harbor_ca.crt in the /storage/certs directory.
root@harborselfsigned [ ~ ]# cd /storage/certs/
root@harborselfsigned [ /storage/certs ]# ls -al
total 36
drwxr-xr-x 2 root root 4096 Oct 19 15:21 .
drwxr-xr-x 6 root root 4096 Oct 19 15:21 ..
-rw-r--r-- 1 root root 50 Oct 19 15:21 extfile.cnf
-rw-r--r-- 1 root root 1972 Oct 19 15:21 harbor_ca.crt
-rw------- 1 root root 3272 Oct 19 15:21 harbor_ca.key
-rw-r--r-- 1 root root 41 Oct 19 15:21 harbor_ca.srl
-rw-r--r-- 1 root root 1691 Oct 19 15:21 harbor.corp.info.csr
-rw-r--r-- 1 root root 2025 Oct 19 15:21 server.crt
-rw------- 1 root root 3272 Oct 19 15:21 server.key