trouble adding wildcard cert

moody · ‎08-25-2016

ise 2.1

i'm trying to add a wildcard cert. was told i would need to get an exported cert and key from the non-ise server that was used to get the wildcard cert.

i received 3 files: the ca cert (ca.crt), the wildcard cert (abc.crt), and the key (def.rtf)

i added the ca.crt to ise ok in the trusted certificate section.

i then tried to import the system cert (abc.crt) along w/ the private key, but i'm getting errors "private key validation failed"

1 - am i going about this the right way?

2 - is the .rtf file for the key the issue and if so - how can i convert it

3 - does it matter that the key is actually from a different server?

Marvin Rhoads · ‎08-25-2016

Certificates and private keys should both be in PEM format. Those are the ones that begin and end with lines like:

-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----

and

-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----

...with a whole lot of ASCII text in between them. You can verify by opening them in a text editor. The extension doesn't really matter as long as the file contents are plain ASCII text delimited properly.

With those in hand, you can validate that a given key is the right one for a given certificate using openssl (or if you trust it, a webified interface that does the same thing: https://www.sslshopper.com/certificate-key-matcher.html )