07-11-2022 10:38 PM
I am trying to combine our CA issued .crt with the our private.key in order to load it to our FTD VPN device. I've been using OpenSSL in expert mode on the FTD CLI to accomplish this. Is there anyone that is more familiar with openssl that has seen the following errors or knows how to interpret them?
root@VPN01:/ngfw/Volume/home/admin# openssl pkcs12 -export -out 4100vpn.pfx -inkey private.key -in 4100vpn.crt
unable to load certificates
140482854900800:error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag:crypto/asn1/tasn_dec.c:1149:
140482854900800:error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error:crypto/asn1/tasn_dec.c:309:Type=X509_CINF
140482854900800:error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:crypto/asn1/tasn_dec.c:646:Field=cert_info, Type=X509
140482854900800:error:0907400D:PEM routines:PEM_X509_INFO_read_bio:ASN1 lib:crypto/pem/pem_info.c:196:
root@VPN01:/ngfw/Volume/home/admin#
I have tried the openssl command on different devices with the same results.
Thanks
Matt
Solved! Go to Solution.
08-01-2022 10:00 PM
So, it seems that you shouldn't use the OpenSSL that is on the FTDs. I tried this on my Linux computer with the same results. I was able to get this to work with OpenSSL installed on my Windows computer. Which seems counter intuitive.
08-01-2022 10:00 PM
So, it seems that you shouldn't use the OpenSSL that is on the FTDs. I tried this on my Linux computer with the same results. I was able to get this to work with OpenSSL installed on my Windows computer. Which seems counter intuitive.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide