Error importing a chained ssl certificate
search cancel

Error importing a chained ssl certificate

book

Article ID: 410594

calendar_today

Updated On:

Products

VMware Avi Load Balancer

Issue/Introduction

When importing and saving chained Certificate, Avi Controller throws an error "Ssl key and certificate with this Name and Tenant ref already exists"

This issue happens when you import a chained certificate where the Root or Intermediate Certificate in this chain are already in the system

 

Environment

All AVI versions until  30.2.4 2.p1

Cause

When a chained certificate is imported, Avi Controller stores Root and Intermediate certificates separately in the system. When user imports another chained certificate with the same Root/Intermediate Certificate, Avi complains that ssl key and certificate already exists. 

Resolution

Workarounds: Avoid importing the bundle. Instead, import the certificates individually, or import the root and intermediate certificates once, followed by the application certificate.

 

Open the chained certificate in text editor, 

-----BEGIN CERTIFICATE-----Content of your application certificate-----END CERTIFICATE----------BEGIN CERTIFICATE-----Content of your Intermediate CA certificate-----END CERTIFICATE----------BEGIN CERTIFICATE-----Content of your Root CA certificate-----END CERTIFICATE-----

2. Copy and paste application certificate only

-----BEGIN CERTIFICATE-----Content of your application certificate-----END CERTIFICATE-----

Issue is resolved in Avi version 30.2.4 2p2 and 30.2.5

Powered by Wolken Software