Forum Discussion
NimbostratusQuery about certificate!
i have created CSR from LB-1 and submitted to cert issuer cert issuer has issued cert This website is hosted on two diff LB's in Lobalancing OU is different for both LTM now i forget to create CSR on LB-2 and now i dont have cert for LB-2..although website CN is same but OU is different on LB-2 I tried to import same key and cert of website on LB-1 into LB-2 but it gives error, is there any way workaround to use the same cert on LB-2 as Common name is same for website only OU is different.
error i got is "01070313:3 error reading key PEM file /config/filestore_d/670509_d/common_d/certificate_key_d/:KEY NAME for profile /common/CERT NAME.clent.ssl:error some hex value_check_private_key:key values mismatch"
3 Replies
gefraHi BJ,
If I understand your question correct you would like to use the same certificate/key pair on 2 different load balancers and CN is the same. Did you try the make an archive for this specific cert/key pair and download this from LB1 and import this archive into LB2?
BR. Gefra.
BJ_114988I tried the same but got error
error i got is "01070313:3 error reading key PEM file /config/filestore_d/670509_d/common_d/certificate_key_d/:KEY NAME for profile /common/CERT NAME.clent.ssl:error some hex value_check_private_key:key values mismatch"
Lee_SutcliffeNacreous
As Gefra says, you'll need to import the certificate from LB1 to LB2. If you're getting the error above, it is because the certificate you're importing doesn't match the private key that you have on LB2.
When you're in the Web GUI, make sure you select 'Archive' from the Import/Type drop down box. You can then upload the archive you downloaded from LB1.
To further check you can add the public and private keys to a temp folder such as /var/tmp/ and check the certificate modulus using OpenSSL:
If the modulus is the same, you have the correct key pair:
openssl x509 -noout -modulus -in public.crt | openssl md5 openssl rsa -noout -modulus -in private.key | openssl md5
