The requested public SSL certificate cannot be imported

The requested public SSL certificate cannot be imported

Applies to

All versions of Cryptshare Server

Symptom

The requested SSL certificate cannot be imported into the keystore with the following error:

  • English: Could not establish trust for the CA Reply.
  • German: Vertrauenskette für die CA Antwort konnte nicht erstellt werden.

9207982.png

Caus:

The information in the SSL certificate from the CA doesn't match the information in the sent CSR.

Solution

Export the private key from the keystore used for the creation of the CSR file and import it together with the requested SSL certificate into a new keystore.

1. open the existing keystore used for the generating of the CSR file

2. klick with the right mouse button on the entry in the keystore

3. open the menu entry 'Export --> Export Private Key'

9207984.png

4. save the private key in OpenSSL format to your local machine

9207985.png 9207986.png

5. create new Java-Keystore of type JKS


9207974.png 
9207973.png

6. import the available SSL certificate

9207972.png

7. select the certificate format, e.g. pkcs12 (.pfx) or OpenSSL (.crt, .cer, .pem)

9207989.png 9207991.png 9207992.png

8. import and check the certificate chain


9207970.png 
9207969.png
 9207968.png

9. save the keystore

9207967.png

10. use the default password 'CA0AZhuFM4NogQh', to save the Keystore

9207966.png

11. install the created keystore on the Cryptshare server Setting up an SSL Certificate

    • Related Articles

    • Installation of an existing SSL certificate (e.g. wildcard SSL certificate)

      Applies to: All versions of Cryptshare Server Purpose: This article describes how to install an already existing SSL certificate (e.g. wildcard SSL certificate) to your Cryptshare Server Solution: 1. Create new Java-Keystore with KeyStore Explorer 2. ...

    • User receives "ERR SSL PROTOCOL ERROR" when visiting the user interface

      Applies to: All versions of Cryptshare Server Symptom: The user visits the Cryptshare user interface and receives the following error in the browser: ERR_SSL_PROTOCOL_ERROR Alternatively, curl may receive the following HTTP response: ...

    • User receives "ERR SSL PROTOCOL ERROR" when visiting the user interface

      Applies to: All versions of Cryptshare Server Symptom: The user visits the Cryptshare user interface and receives the following error in the browser: ERR_SSL_PROTOCOL_ERROR Alternatively, curl may receive the following HTTP response: ...

    • Generating CSR from existing keystore

      Applies to: All versions of Cryptshare Server Purpose: This article describes how to generate a CSR for the renewal of an existing SSL certificate. Solution: 1. copy current KeyStore from your Cryptshare Server to your computer by using WinSCP 2. ...

    • Error codes in Cryptshare for Notes

      Cryptshare for Notes Error Codes The following table lists the error codes and generic message texts that are returned by the Cryptshare Server or the Crpytshare for Notes application. 10 The requesting product is not licensed: xyz The Cryptshare ...