Sorry I was on leave, here a new link for future reference:
Thank you everyone! Version 1.0 was the trick to getting it to work!
Now I am having trouble getting a cert to load on a SmartUPS-1500 with a NMC2 card. I am able to create the .p15 cert ok, after I upload it in the webui, it just keeps saying "loading certificate" eventually the default cert gets regenerated but it keeps saying "loading certificate" until I reboot the nmc. What am I doing wrong?
Have you checked if the date/time are correct on the UPS?
yeh I have it connected to our ntp server :/ I saw your earlier post about time and was hoping that was it , but no unfortunately.
This is what I get every time I tried to upload a new cert to any of my 9630 NMC2 cards running 6.4.0 or 6.9.6, doesn't matter what version. Same cert works fine on my 9640 NMC3 card. Help!
Hmm, if it works fine on your NMC3 cards but not your NMC2 cards then it might be to do with the security used.
The NMC2 supports certificates up to SHA256RSA, 2048 bit key length and no intermediate certificates.
I can review them if you'd like? Just upload the the unsigned .p15 file, the CER/CRT response from your CA, the signed .p15 file and a text file with the commands you used to the link below:
Hi Gavan, sorry for the late response I had other issues happening that I had to address. When I look at the certificate that was generated in the chain there are 2 certs, our Root CA(which is turned off) and our Sub CA which actually signed it. So I assume this sort of setup wouldn't work? RCA-->SCA-->Cert ?
It depends, sometimes you can edit the CER/CRT, file remove the intermediate cert and everything will work.
So I looked at the signed cert I got from our SCA and in it there is only one entry "begin cert" then "end cert". When I look at the cert using windows it shows this as the chain:
top being our RCA the middle the SCA and then the actual cert on the bottom. I also checked its using Sha256rsa. Any other thoughts? Thank you for your help!!
If you want to upload all the files I requested earlier to the box link I can have a more detailed look.
We're generating CSR's and private key's using NMC Security.The CSR's are being sent to our in-house Microsoft CA.The CA signed cert and the original private key from the CSR generation are imported using NMC Security.Attempting to upload and apply the certificate returns "no certificate installed".
Model Number: AP7723
I wanted to let you know that once I switched to a 2 year certificate from a 5 year template the NMC2 card accepted the certificate. As far as I can tell that was the only difference between the 2 cert templates on our MS CA server. Our NMC3 card will accept the 5 year certificate though! Go figure!
Hey, Did you finally get an answered? I'm having the same issue and is very frustrating.
Yes, 2 things that I needed to know 1) you need version 1.0 of their nmcli wizard to convert your cert to p15 format. 2) if you are using NMC2 cards make sure the cert you generate is 2 years, if NMC3 5 year is ok. Thats about all I know, but at least it got the certs installed on my management cards! HTH
I upgraded the UPS to 6.9.6, and use the 1.0 NSW CLI, The process for generate the key runs smooth and confirm the p15 generate successful but when I try to upload to UPS takes forever.
What is the length of the cert you created on your CA?
Let me clarify, was it a 1 year 2 year, 3 year etc?
Is Two Year, length the Key I'm using is 2048.
Ok, NMC2 or NMC3 management card?
Is a NMC2 integrated to the UPS.
I have installed 30+ certs on NMC2 cards, AP9630 without any issues. We have started to move to NMC3, AP9640, cards and can't seem to get a cert to load. Used the exact same process:
Any idea why the it does not seem to recognize the cert in the ssl folder?
Upload the cert via the NMC web interface, the usual way.
Then, can you try to SSH to the NMC3 and issue this command?
ssl key -i ssl/certificate-name.p15
Once you have done the above, run this command to see if the cert is loaded correctly.
ssl cert -s
Please let me know how this goes for you.
That did it! Thank you!
This is what I get every time I tried to upload a new cert NMC2 cards running 6.9.6, doesn't matter what version. Help!
Choose a location