Failed To Import A Local Certificate; Failed To Export Certificates - HP FlexFabric 5930 Series Security Configuration Manual
Hide thumbs
Also See for FlexFabric 5930 Series:
- Configuration manuals (467 pages) ,
- Command reference manual (87 pages) ,
- Installation manual (73 pages)
Table of Contents
Advertisement
Failed to import a local certificate
Symptom
A local certificate cannot be imported.
Analysis
The PKI domain has no CA certificate, and the certificate file to be imported does not contain the
•
CA certificate chain.
CRL checking is enabled, but CRLs do not exist locally or CRLs cannot be obtained.
•
The specified format does not match the actual format of the imported file.
•
The device and the certificate do not have the local key pair.
•
•
The certificate has been revoked.
The certificate is out of the validity period.
•
The system time is wrong.
•
Solution
1.
Obtain or import the CA certificate.
2.
Use undo crl check enable to disable CRL checking, or obtain the proper CRLs.
3.
Make sure the format of the imported file is proper.
4.
Make sure the certificate file contain the private key.
5.
Make sure the certificate is not revoked.
6.
Make sure the certificate is valid.
7.
Configure correct system time for the device.
Failed to export certificates
Symptom
Certificates cannot be exported.
Analysis
•
The PKI domain does not have local certificates when you export all certificates in PKCS12 format.
The specified export path does not exist.
•
The specified export path is illegal.
•
The public key of the local certificate to be exported does not match the public key in the key pair
•
of the PKI domain.
The disk space is full.
•
Solution
1.
Obtain or request local certificates.
2.
Use mkdir to create the required path.
Specify a correct export path.
3.
4.
Configure the proper key pair in the PKI domain.
5.
Clear up the disk space of the device.
101
Advertisement
Table of Contents
Troubleshooting
