Forum Discussion

tarma_58716's avatar
tarma_58716
Icon for Nimbostratus rankNimbostratus
Jun 27, 2011

"ASN1_CHECK_TLEN:wrong tag" when importing a PEM certificate

Hi all   i'm having an issue on importing a certificate into the F5.   When i import the certificate, i'm having this error message: "Import Failed: Open SSL error: error:0D0680A8:asn1 encoding ...
dev
devops
iControl
Patrik_Jonsson's avatar
Patrik_Jonsson
Icon for MVP rankMVP
Sep 20, 2016

In my case, the error was due the string format of the PEM file. Converting directly from array to string without line breaks does not work so those had to be added.

Using powershell I managed to solve it like this:

Function Import-KeyToF5 {

    Param($F5, $KeyPEM, [string]$KeyName)

    $ManagementModetype = New-Object iControl.ManagementKeyCertificateManagementModeType
    $SecurityType = New-Object iControl.ManagementKeyCertificateSecurityType

    $F5.ManagementKeyCertificate.key_import_from_pem_v2($ManagementModetype, @($KeyName), @($KeyPem), $SecurityType, @(""), $true)

}

Convert the PEM key from an array of strings to a string with line breaks
$TempPem = $KeyPEM -join "`n"

Import-KeyToF5 -F5 $f5 -KeyPEM ([string]$TempPem) -KeyName "star.test.test.key"

Hope it helps someone!

/Patrik