Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2870
Views
0
Helpful
3
Replies

Error “Failed to decrypt serial number from Certificate” during certificate Installation on vManage, vBond and vSmart

Go to solution
Tyche
Level 1
Level 1

‎04-01-2020 12:45 PM

 

When trying to install Certificates on controllers (vManage, vBond, vSmart) I get the error message:  “Failed to decrypt serial number from Certificate”

 

I am running version 18.4.4 on all the Viptela servers and using the deployment guide :

 

Cisco SD-WAN Controller Certificates and Whitelist Authorization File Prescriptive Deployment Guide September 2019

(Option 5: Enterprise Root Certificate Authority CA)

 

I am using XCA on Windows to generate and sign my own certificates.

 

Please note after I changed from the default  Symantec Manual to Enterprise Root Certificate in Administration | Settings using the command show certificate root-ca-cert  I noticed that the root authentication certificate was still Verisign so I tried a reboot. That did not fix the issue so I  manually uninstalled the root certificate by issuing the command: request root-cert-chain uninstall ,then in vshell, I  copied my certificate to the filesystem using vi, and later issued the command:  request root-cert-chain install /home/admin/RootCA.crt to install my certificate manually.  

 

The rest was as indicated in the procedure 1) generate the CSR in CONFIGURATION|Certificates,  2) get it it signed (in XCA) , and 3. install the Certificate.

 

At that point I get the error.  Any help would be warmly welcome.

 

 

 

 

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Tyche
Level 1
Level 1

‎04-09-2020 10:33 AM

I did find the solution to the problem.

 

Once you have imported the CSR request in the XCA application, sign it, then go to the tab "Certificates" and export to clipboard

the certificate that was signed.

 

My mistake was to export to clipboard the Certificate Request in the "Certificate Requests" tab.

(Obviously), once it is signed, the Certificate Request content is not the same ....

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Tyche
Level 1
Level 1

‎04-09-2020 10:33 AM

I did find the solution to the problem.

 

Once you have imported the CSR request in the XCA application, sign it, then go to the tab "Certificates" and export to clipboard

the certificate that was signed.

 

My mistake was to export to clipboard the Certificate Request in the "Certificate Requests" tab.

(Obviously), once it is signed, the Certificate Request content is not the same ....

0 Helpful

Go to solution
Carlos T
Level 1
Level 1
In response to Tyche

‎06-24-2020 04:56 PM

Thanks! I made the same mistake and fixed the same ways as you.
Cheers!
0 Helpful

Go to solution
sherinskariak
Level 1
Level 1

‎04-03-2023 01:52 PM

I had the same issue but i found the solution of it. 

When you create CSR on Root Authority for vManage and generate it, just make sure you copy the certificate only from beginning to end without any space, especially at the end and beginning. 

0 Helpful
Customers Also Viewed These Support Documents