cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2449
Views
5
Helpful
8
Replies

certificate issue with controllers after generate csr

ahmad.rz
Level 1
Level 1

Hello.

I'm in trouble with certification. I've installed a CA Server(Microsoft), and accord to documents get .cert certificate for vmanage-web and copy it in this path: "Setting" and then open "Controller Certificate Authorization" and select "Enterprise Root Certification" and select the cert file, Also filled entire items below the "Set CSR Properties".

After that open "Configurations" and then go to "Controllers" and after select vManage tap on "Install Certificate" and then select cert file for vmanage which gets from CA decode64 CSR code Generated and then click Install. After all of these steps I get this error :

error-.JPG

 

Please help. I will get crazy!!

Be quick and careful!
8 Replies 8

 Re-generate CSR, Sign it again and install.

 

Thanks,

Srikanth

I did it, but problem still exist.

Be quick and careful!

ahmad.rz
Level 1
Level 1

I solved the problem, but after click on Install certificate, one next page when it goes to scheduled I get this output error:

 

 

[8-Sep-2019 8:59:28 IRDT] Install Certificate, on device 35a1f932-44bb-4b31-9108-c839e268246f, started by user "admin" from IP address "192.168.42.44"
[8-Sep-2019 8:59:29 IRDT] Pushing serial list to vManage-35a1f932-44bb-4b31-9108-c839e268246f (SIC-vManage)
[8-Sep-2019 8:59:29 IRDT] Started processing serial list file on vManage-35a1f932-44bb-4b31-9108-c839e268246f (SIC-vManage)
[8-Sep-2019 8:59:30 IRDT] Completed processing serial list file on vManage-35a1f932-44bb-4b31-9108-c839e268246f (SIC-vManage)
[8-Sep-2019 8:59:31 IRDT] Done - Push vSmart List for vManage-35a1f932-44bb-4b31-9108-c839e268246f (SIC-vManage)
[8-Sep-2019 8:59:31 IRDT] Updated controllers with new certificate serial number of vManage-35a1f932-44bb-4b31-9108-c839e268246f
[8-Sep-2019 8:59:32 IRDT] Failed to process device request -
Error type : application
Error tag : operation-failed
Error Message : log : Error: root-ca-chain unable to validate the certificate... Aborting !
Error info : <error-info>
<bad-element>install</bad-element>
</error-info>

[8-Sep-2019 8:59:32 IRDT] Pushing serial list to vManage-35a1f932-44bb-4b31-9108-c839e268246f (SIC-vManage)
[8-Sep-2019 8:59:33 IRDT] Started processing serial list file on vManage-35a1f932-44bb-4b31-9108-c839e268246f (SIC-vManage)
[8-Sep-2019 8:59:34 IRDT] Completed processing serial list file on vManage-35a1f932-44bb-4b31-9108-c839e268246f (SIC-vManage)
[8-Sep-2019 8:59:34 IRDT] Done - Push vSmart List for vManage-35a1f932-44bb-4b31-9108-c839e268246f (SIC-vManage)

Be quick and careful!

Did you install the root certificate?

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.

I guess no, how ?

Be quick and careful!

You can install either via vManage or directly on vSmart using "request root-cert install" command.

 

Have a look at the below video for help.

https://youtu.be/UJEgiUck9vA

 

Thanks,

Srikanth

samirshaikh52
Level 2
Level 2

I am facing same issue, could you please post the solution. It will highly appreciated.

what's your exact problem? explain more. 

Be quick and careful!
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco