Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3155
Views
0
Helpful
4
Replies

Problem with Upload PEM certificate

rodrigo.hernandez
Level 1
Level 1

‎09-02-2013 11:04 AM

Dear Mister

I tried today to upload certificates and keys, from FTP server toward ACE LB. This was the show:

CL-LB-ACE-02/C1# 

CL-LB-ACE-02/C1# crypto import ftp 172.23.107.5 admin dicom.cl.pem dicom.cl.pem

Password:

Passive mode on.

Hash mark printing on (1024 bytes/hash mark).

######

Successfully imported file from remote server.

Error: File not of recognized types - PEM, DER or PKCS12, import failed

Well. I have a little question.

a) The file is .PEM. Why is the reason for failed import?

b) I have a doubt. In this case we need to migrate certificates and key from the server toward the ACE.

The server is AIX IPLanet. The repository are  key3.db / cert8.db

In this case, what need to do the customer, in order to can migrate in PEM type toward the ACE.

Best Regards

Labels:
0 Helpful
4 Replies 4

ravi281278
Level 1
Level 1

‎09-06-2013 09:55 PM

Hi Rodrigo,

I think you again need to generate CSR & Key on ACE.

1. We need to provide CSR & key to CA.

2. CA provides us the certicate and that we need to upload on ACE.

Please go through the below URL

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A2/configuration/ssl/guide/aceSSLgd.pdf

Regards

0 Helpful

Cesar Roque
Level 4
Level 4

‎09-09-2013 01:33 PM

Hi Rodrigo,

If the file is PEM, you should be able to open the file using notepad.  Open the file copy all the output and use this command:

#crypt import terminal {cert_name}

Paste the output from notepad

---------------------
Cesar R
ANS Team

--------------------- Cesar R ANS Team
0 Helpful

JeramyKoval
Level 1
Level 1

‎09-14-2013 03:21 PM

I've experienced this error before on several occasions.  As Cesar mentions first make sure you can open the file.  In some cases it can be corrupt.  The other time I've seen this problem is if there is a password in which case you need to add the passphrase statement to your crypto import line.

0 Helpful

ajayku2
Cisco Employee
Cisco Employee

‎09-15-2013 11:19 PM

Hi Rodrigo,

It is possible that the key is encrypted with a password.

Please follow the steps as described in the link below in order to decrypt the key.

http://support.citrix.com/article/CTX122930

Many times just a extra line or space can corrupt the certificate.

Let me know if that helps.

regards,

Ajay Kumar

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card