Troubleshooting
Problem
Getting an error when replacing an old, expiring certificate.
Symptom
When replacing an old, expiring certificate, with a new certificate having this alias with a double quote:
1108071cn=*.abc.com, ou=domain control - myssl(r), ou=see www.myssl.com/resources/xyz (c) 3, ou=gt8728350, serialnumber=rkijbkjhm4/gpmajsdqzup-ujb69vhdsncn=myssl ca, o="maptrust, inc." c=us
that has been imported into Personal certificates under NodeDefaultKeyStore:
(Path in Admistrative Console)
SSL certificate and key management > Key stores and certificates > NodeDefaultKeyStore > Personal certificates > Replace certificate)
The following error occurs:
CWPKI0666E: Certificate "1309071cn=*.abc.com, ou=domain control - myssl(r), ou=see www.myssl.com/resources/xyz (c) 3, ou=gt8728350, serialnumber=rkijbkjhm4/gpmajsdqzup-ujb69vhdsncn=myssl ca, o=" is not a personal certificate
Cause
The new certificate's alias has a double quote in its name ("maptrust, inc."):
1309071cn=*.abc.com, ou=domain control - myssl(r), ou=see www.myssl.com/resources/xyz (c) 3, ou=gt8728350, serialnumber=rkijbkjhm4/gpmajsdqzup-ujb69vhdsncn=myssl ca, o="maptrust, inc." c=us
Note that the alias needs to be in quotes since it contains blanks, so the first quote around "o=maptrust, inc." causes the beginning quote to end, which makes the certificate unrecognizable, thus the errors.
Resolving The Problem
Re-importing the new certificate with and assign a new alias that is shorter and does not have a double quote.
Historical Number
48789;7TD;000
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg21675559