04-28-2015 06:27 AM
i uploaded this certification to the WSA and it returned this error "Key cannot be parsed or found"
i am using a csr generated by the WSA
what could be the issue
05-09-2015 06:32 PM
Hi,
Are you using Microsoft CA server to signed the CSR that you have downloaded from WSA?
If yes you can follow the below:
1. Download the CSR from the WSA
2. Open the CSR using Wordpad or another text editor and copy the Certificate Request section (only the section --BEGIN CERITIFICATE REQUEST-- xxxxx --END CERTIFICATE REQUEST--)
3. Navigate to the MS CA server: https://server/certsrv
4. Select "Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file"
5. Click Certificate Template and choose Subordinate Certification Authority
6. Paste in your copied CSR
7. Download your CA signed certificate
8. Upload the signed certificate (make sure you use the Signed certificate upload section and not the top section.
Tips: We need to Submit > Commit the changes on every step changed on WSA. In case WSA giving errors such as “Certificate and key do not match”, please review the steps above with customer again.
Reference:
Video KB: Steps to enable HTTPS proxy on WSA & Certificate Signing Request (CSR) option.
Also Attached documentation from Microsoft CA perspective.
Hope this helps
06-30-2015 07:52 AM
I tried your instructions, but I get the still get the error that the key cannot be parsed.
Also, in the pdf you attached, the screenshot shows the HEX part of the CSR being pasted into the request, when in the instructions you say to only copy the part including "-----BEGIN CERTIFICATE REQUEST ---" etc... ?
09-10-2015 01:32 AM
hello guys
I faced this same issue
once you generate the CSR commit the change
then follow the instructions given because the appliance might revert back to the previous certificate while you are working one the CA server
this should work
09-10-2015 01:48 AM
After creating CSR you have to submit and commit changes and then upload a certificate and it will work.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: