Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
758
Views
0
Helpful
2
Replies

cEdge certificate installation error

Go to solution
msizi.mthembu
Beginner
Beginner

ā€Ž12-07-2022 02:46 AM

Hello,

I am trying to install a cert on a lab cEdge device and get the below error.

LAB-IDA-RTR-01#$ware sdwan certificate install bootflash:ROOTCA.pem
Installing certificate via VPN 0
Copying ... /bootflash/ROOTCA.pem via VPN 0
System organization name [LAB-111] does not match with cert subject's OU [].
Failed to install the certificate !!
DEBUG item does not exist - cli command error
Error executing command: item does not exist - cli command error
LAB-IDA-RTR-01#

I have checked my cert against the one on the CA on the vmanage.

vManage-1:~$ ls -l | grep ROOT
-rw-r--r-- 1 admin admin 1675 Dec  7 07:30 ROOTCA.key
-rw-r--r-- 1 admin admin 1261 Dec  7 07:30 ROOTCA.pem
-rw-r--r-- 1 admin admin   17 Dec  7 07:48 ROOTCA.srl
vManage-1:~$
vManage-1:~$
vManage-1:~$ history | grep ROOTCA.pem
    8  openssl req -x509 -new -nodes -key ROOTCA.key -sha256 -days 2000 -subj "/C=ZA/ST=KZN/L=DBN/O=LAB-111/CN=msizi.local" -out ROOTCA.pem

vManage-1:~$ cat ROOTCA.pem
-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgIJAOjVd6vcrEirMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNV
BAYTAlpBMQwwCgYDVQQIDANLWk4xDDAKBgNVBAcMA0RCTjEQMA4GA1UECgwHTEFC
LTExMTEUMBIGA1UEAwwLbXNpemkubG9jYWwwHhcNMjIxMjA3MDczMDQzWhcNMjgw
NTI5MDczMDQzWjBRMQswCQYDVQQGEwJaQTEMMAoGA1UECAwDS1pOMQwwCgYDVQQH
DANEQk4xEDAOBgNVBAoMB0xBQi0xMTExFDASBgNVBAMMC21zaXppLmxvY2FsMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS9iXTuxQLgDhvbb4Fx9tXzn
jRNwOl0DXeiIbGCr5DxWbXbCogoJNGaQ9zbEGHBh6TK98Z5xsAeUSJsO4bAwBRiz
lkwr9I3mYQ+bTqWpcrQooA2Zxb7EVTcaUixhgG05MZru48Hq3wsiTjhISlGrpAHW
0NLEmLP/x09NuMkRIU0ldd8TzIeqgPMahepJWUf7X/Z+d6z0gFts96mxXHsvQ2rm
pmGhEKTeQIYfaRlRzG+cO/C2LtGi2bwAy/Vy3IosQ1sMdf6Qutok7qvOKd1+ofAr
RXb9TSPuTLR0zyBmZFVGT/abMwJfrqWlbxPeIkyrwDVlvVjAUktpII9Gx0yp7wID
AQABo1AwTjAdBgNVHQ4EFgQUEkksJFxI8y6afIKNOG5e8JeCAkswHwYDVR0jBBgw
FoAUEkksJFxI8y6afIKNOG5e8JeCAkswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
AQsFAAOCAQEAdne+0SNAqRvjIY7gZPEA++EellMRX5jhRN66dz0vxn9tuOP7Il0W
XepbNOzku0ect2pn97V7OYsLOsOUSp/1pkP0XvXT6FTi7bwH9KamTbL2e8YUbH1g
k77zP8G1cjPjoty7xDTEJEz8/CraR65FSmWKbCImBdhy9V+ePcI4Eq/3bpjaCRLk
xlK6iXlWt5ztbHR9HhrcsQTVb9JkWLbg/9YFDJdx1bNCXAObTR1yxRxDLGBswL78
iNH4UETd4nIh1MUBvJyC8167WoGCwaVGtFQdcqtyO7R9CobW9upuai1xEIz4x6Ud
E4eNXoIaL1xa5TlN/wTCNm6S5lGmBe1Rww==
-----END CERTIFICATE-----

Cert on the cEdge

LAB-IDA-RTR-01#more bootflash:ROOTCA.pem
-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgIJAOjVd6vcrEirMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNV
BAYTAlpBMQwwCgYDVQQIDANLWk4xDDAKBgNVBAcMA0RCTjEQMA4GA1UECgwHTEFC
LTExMTEUMBIGA1UEAwwLbXNpemkubG9jYWwwHhcNMjIxMjA3MDczMDQzWhcNMjgw
NTI5MDczMDQzWjBRMQswCQYDVQQGEwJaQTEMMAoGA1UECAwDS1pOMQwwCgYDVQQH
DANEQk4xEDAOBgNVBAoMB0xBQi0xMTExFDASBgNVBAMMC21zaXppLmxvY2FsMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS9iXTuxQLgDhvbb4Fx9tXzn
jRNwOl0DXeiIbGCr5DxWbXbCogoJNGaQ9zbEGHBh6TK98Z5xsAeUSJsO4bAwBRiz
lkwr9I3mYQ+bTqWpcrQooA2Zxb7EVTcaUixhgG05MZru48Hq3wsiTjhISlGrpAHW
0NLEmLP/x09NuMkRIU0ldd8TzIeqgPMahepJWUf7X/Z+d6z0gFts96mxXHsvQ2rm
pmGhEKTeQIYfaRlRzG+cO/C2LtGi2bwAy/Vy3IosQ1sMdf6Qutok7qvOKd1+ofAr
RXb9TSPuTLR0zyBmZFVGT/abMwJfrqWlbxPeIkyrwDVlvVjAUktpII9Gx0yp7wID
AQABo1AwTjAdBgNVHQ4EFgQUEkksJFxI8y6afIKNOG5e8JeCAkswHwYDVR0jBBgw
FoAUEkksJFxI8y6afIKNOG5e8JeCAkswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
AQsFAAOCAQEAdne+0SNAqRvjIY7gZPEA++EellMRX5jhRN66dz0vxn9tuOP7Il0W
XepbNOzku0ect2pn97V7OYsLOsOUSp/1pkP0XvXT6FTi7bwH9KamTbL2e8YUbH1g
k77zP8G1cjPjoty7xDTEJEz8/CraR65FSmWKbCImBdhy9V+ePcI4Eq/3bpjaCRLk
xlK6iXlWt5ztbHR9HhrcsQTVb9JkWLbg/9YFDJdx1bNCXAObTR1yxRxDLGBswL78
iNH4UETd4nIh1MUBvJyC8167WoGCwaVGtFQdcqtyO7R9CobW9upuai1xEIz4x6Ud
E4eNXoIaL1xa5TlN/wTCNm6S5lGmBe1Rww==
-----END CERTIFICATE-----

Kindly advise.
Regards,
Msizi

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
bahkobg85
Beginner
Beginner

ā€Ž12-07-2022 03:06 AM

Msizi,

I think you try to install the root certificate using the CLI command for installing a device certificate. I think you should try with "request platform software sdwan root-cert-chain install bootflash:ROOTCA.pem".

HTH, Ivan 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
bahkobg85
Beginner
Beginner

ā€Ž12-07-2022 03:06 AM

Msizi,

I think you try to install the root certificate using the CLI command for installing a device certificate. I think you should try with "request platform software sdwan root-cert-chain install bootflash:ROOTCA.pem".

HTH, Ivan 

0 Helpful

Go to solution
msizi.mthembu
Beginner
Beginner
In response to bahkobg85

ā€Ž12-07-2022 03:12 AM

That fixed it, thanks Ivan.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents