Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
676
Views
0
Helpful
1
Replies

Issues with CSR from ASA

james.king14
Level 1
Level 1

‎09-27-2023 12:08 PM

Each time I create a CSR from the ASA 5585-x (9.x) they are corrupted.  I used OpenSSL to create CSR and private Key and getting these errors.  


openssl pkcs12 -export -out GDOct_2024.pfx -inkey privkey.pem -in GD_OCT24.csr
Enter pass phrase for privkey.pem:
Could not read any certificates from -in file from GD_OCT24.csr

openssl pkcs12 -export -out GDOct_2024.pfx -inkey privkey.pem -in GDOct_2024.pem
Enter pass phrase for privkey.pem:
Could not read any certificates from -in file from GDOct_2024.pem


C:\Users\j.king>openssl pkcs12 -export -inkey privkey.pem -in GD_OCT24.csr -out GD_OCT24.pfx
Enter pass phrase for privkey.pem:
Could not read any certificates from -in file from GD_OCT24.csr

openssl pkcs12 -export -inkey privkey.pem -in GD_OCT24.txt -out GD_OCT24.pfx
Enter pass phrase for privkey.pem:
Could not read any certificates from -in file from GD_OCT24.txt

openssl rsa -noout -modulus -in privkey.pem
Enter pass phrase for privkey.pem:
Modulus=D6FE2E71C551073FF4E1240908D0BD3A71DA5E568D00B97984FE008D3DABD6348124CDDF95A4D9E3AEA38A37B14D604867A1F5FD6BCC87957FF1F454A3C799C9CAAE141021D71B6D1B5C2C4B6AB2FE5646EB9FB8B8F92BC4569DE81841C352BE3345B0C251851E95477336DC0663F1D3F3C9E7D11CD3C29DC664176A69D99E4ACCCCCB5E624F4A6DE021D3ABA566E27B135B60448557B3A5031CC15C14D699124F7810610A0422A92147AFB8CE01AE5CEAF5162E997D6E1C58C4A6F61084CB36BEA4224F43DDD7F87D980E0C893BB021A7F4D434296DD9B7F4270B9A763FFC1948525BB2F942DCC1DC292A41B045BFCCE451F492C0BD30C36E1E3783394D9FFF

openssl req -noout -modulus -in GD_OCT24.csr | openssl md5
MD5(stdin)= 6d3d8edc311f287f3563fbad0856140b

openssl req -noout -modulus -in privkey.pem | openssl md5
Unable to load X509 request
68950000:error:0480006C:PEM routines:get_name:no start line:crypto\pem\pem_lib.c:763:Expecting: CERTIFICATE REQUEST
MD5(stdin)= d41d8cd98f00b204e9800998ecf8427e

openssl req -noout -modulus -in GD_OCT24.txt | openssl md5
MD5(stdin)= 6d3d8edc311f287f3563fbad0856140b

 

Labels:
0 Helpful
1 Reply 1

Milos_Jovanovic
VIP Alumni
VIP Alumni

‎09-28-2023 03:58 AM

Hi @james.king14,

In first example you posted (and I would assume in all others, as it looks to me that they are just renamed files), you are trying to create PFX file out of private key and CSR, which is not possible. CSR stands for Certificate Signing Request, and that is exactly - request that needs to be signed. Once signed, it becomes certificate. You are getting warning that you have no certificate inside CSR, which is accurate.

You need to get CSR which you got out from ASA signed by your PKI. Once signed, you'll need to try again with certificate file.

Kind regards,

Milos

0 Helpful
Customers Also Viewed These Support Documents