Error after attempting to upload a custom certificate in an unsupported format to Flowmon
Information
Summary: |
If the certificate is in an unsupported DER encoded format, it will not be accepted by Flowmon and uploading it will result into an error |
Environment: |
Product: Flowmon Version: Any Platform: Any |
Question/Problem Description: |
I am having issues with uploading a custom certificate. I sent the csr to our CA to get signed, but when I try to upload the signed cert (DER encoded with .crt file-ending) with the key I always get the error message "Uploaded key does not match the certificate!". I checked and I am absolutely certain that the key I am trying to upload is the one I used to create the csr. |
Steps to Reproduce: | Upload the key and the matching DER encoded certificate, which will result in the error below. |
Error Message: | "Uploaded key does not match the certificate!" |
Defect Number: | |
Enhancement Number: | |
Cause: | Flowmon doesn't support DER encoded certificates. PEM certificates should be used instead. |
Resolution: |
To convert the certificate into PEM, a variation of the OpenSSL CLI command showcased below can be used. The 'server.crt' is the name of the certificate file that needs to be uploaded (with WinSCP for example) to /home/flowmon after logging in to Flowmon with SSH: $ openssl x509 -in 'server.crt' -inform der -outform pem -out server.pem Then, download the file and import they key and the new certificate file from GUI. If that doesn't help, it is possible to check the certificate to troubleshoot the issue further. Upload the key and the certificate to /home/flowmon and then run these CLI commands: For more details, please reach out to the Flowmon support. |
Workaround: | |
Notes: |