
ASA5505 8.2.1 UCC SSL PKCS12 Import Failure (SSL VPN)

Robert Isaac
Level 1

I'm having some trouble importing a new certificate and was hoping someone could help.

I am attempting to renew my SSL certificate from GoDaddy. Nothing has changed with the cert aside from the dates. The renewal was processed on Windows successfully. I exported the cert with key (including intermediate) from Windows, tried to import it with ASDM, and got the error "ERROR: Import PKCS12 operation failed". I tried manually importing the GoDaddy intermediate certificate (successful) and then tried an export from Windows of the cert and key minus the intermediate, and it still failed with the same error. I converted the pfx to base64 with openssl and attempted the import via CLI and got the same error again.

At this point I deleted all trustpoints and certificates from the ASA and started over. I created a new CSR using the ASA instead of the Windows server, and had GoDaddy rekey the certificate using the new private key from the ASA. I tried to import that and got the error "ERROR: Failed to parse or verify imported certificate". I then took the new cert and key, built a new pfx and tried importing that via ASDM, and got the same PKCS12 error. I Base64-encoded that certificate and tried via CLI, and again got the same PKCS12 operation failed error.

We previously had a UCC certificate installed, so I don't think that's the problem.  I have tried debugging crypto ca at 255, and there is nothing aside from several "CRYPTO_PKI: certificate contains extension OID: xx xx xx".  Does anyone have any suggestions for this?

Thanks

Robert
