Importing a Certificate into VMware Aria Suite Lifecycle fails with error: "Failed to read key file"
Article ID: 404031
Updated On:
Products
VCF Operations/Automation (formerly VMware Aria Suite)
Issue/Introduction
- When attempting to import a signed certificate file into VMware Aria Suite Lifecycle, the process fails with the error message:
"Failed to read key file" - Additionally, the following exception is recorded in the
/var/log/vrlcm/vmware_vrlcm.log
####-##-#####:43:07.512Z ERROR vrlcm[1783] [http-nio-8080-exec-8] [c.v.v.1.1.c.InputValidationExceptionHandlingController] -- Handling PKIException with error message: Failed to read key file
Environment
VMware Aria Suite Lifecycle 8.18.x
Cause
- This issue occurs when the certificate chain file includes either an encrypted private key or an SSH-RSA private key. VMware Aria Suite Lifecycle is unable to properly decode these key formats, resulting in a failure to read the certificate metadata
- The Encrypted private key in PEM format looks something like this:
-----BEGIN ENCRYPTED PRIVATE KEY-----MIIBIjANBgkqhkiG9w0BAQE......-----END ENCRYPTED PRIVATE KEY----- - The SSH-RSA private key in PEM format looks something like this:
-----BEGIN RSA PRIVATE KEY-----MIIBIjgkqhkiG9w0BAQE......-----END RSA PRIVATE KEY-----
Resolution
To resolve this issue, provide a valid private key file in the certificate chain file and retry importing the file
Feedback
Yes
No
Powered by
