Summary
When you upload a PKCS7 certificate to the SSFE server, you receive the following error message:
Details
The error appears because SSFE does not support PKCS7 certificates but supports only PKCS12 certificates.
PKCS12 certificates use extensions such as .pfx and .p12.
To resolve the issue:
- Get the PKCS12 certificate issued by your Certificate Authority (CA) company.
- Convert the PEM file. You can do this in two ways:
Option 1
- Upload the .pfx file to the /home/safesync folder in the SSFE server using an SFTP client and FTP client such as WinSCP.
- Log in to the SSFE command console using the putty command line.
- Under /home/safesync, run the command "openssl pkcs12 -in xxxxxx.pfx -out xxxxxx.pem –nodes".
Option 2Upload the .pfx file to a SSL converter website and provide a password.Note: This method is not recommended due to security issues.A sample website that has SSL converter features is sslshopper.com.- Click Choose file to upload the .pfx file.
- Under Type of Current Certificate, select PFX/PKCS#12.
- Under Type to Convert To, choose Standard PEM.
- On the PFX Password field, provide a password.
- Click Convert Certificate and then download the PEM file.
- Open the PEM file and copy the following sections:
-----BEGIN PRIVATE KEY-----
xxxxxxxxxxxxx……
-----END PRIVATE KEY----------BEGIN CERTIFICATE-----
xxxxxxxxxxxxx……
-----END CERTIFICATE----- - Go to Admin Console > System Settings > SSL Certificate.
- Under Step 1, provide the certificate that you copied in Step 3.
- Under Step 2, click Choose file and then provide the private key that you copied in Step 3.
- Click Update to update the SSL certificate.