03-11-2021 02:05 PM
We are renewing a Digicert Identity certificate, and we get "Error: Import PKCS12 operation failed. Base64 decode failed. Our certificate SME insists the cert is good as he can convert the pfx to a pem (base64). Does anyone have an ideas for me to look at? This is a very new ASA, spun up at the beginning of the pandemic so we would have more seats for our VPN user base.
10-14-2021 11:44 AM
Did you resolve this issue? We are seeing the same issue where we are getting the same error message Error: Import PKCS12 operation failed. We have previously imported certificates in .pfx format fine for ssl VPN. Its come around to renewing the certificate, as it is due to expire soon. Certificate is from Digicert (Quo Vadis), the ASA in on 9.12.(4)18.
10-16-2021 04:17 AM
I am assuming you have done the renewal by creating a CSR, getting it signed by DigiCert, and then importing the certificate to the ASA?
Did you ask for, and receive, the full certificate chain from DigiCert and imported the received root certificate and sub certificate in the the trust store?
This failure most often happens because the root and/or sub certificate of the CA that was used to sign the identity certificate is not imported to the ASA.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide