Quantcast
Channel: VMware Communities: Message List
Viewing all articles
Browse latest Browse all 219257

Re: How to import a certificate into NSX NLB?

$
0
0

Hi all,

 

I solved this issue.

 

The problem was that the NSX would not allow the key to be imported because it was in PKCS8 format (which you can validate because when you open the key you see "-----BEGIN PRIVATE KEY...").

The default format that all of the commands in all blogs and the VMware KB is PKCS8.

 

The required format to be able to import it is the PKCS1 format. When you open a key that is in that format it looks like this: "-----BEGIN RSA PRIVATE KEY..."

 

After generating a new key file in the required format and copy/pasting the contents of that into the NSX import certificate wizard, the certificate imported without problems.

 

Another thing to note is that I got confused about the CA certificate and the NLB certificate. As per the blogs you actually concatenate both certificates together so, when you import the NLB certificate, both certificates automatically appear in the console.

 

Now, to change the format of the key file it is very easy.

Just navigate to the folder in an SSH session where the key file is (/ha or /certs or whatever) and run the following command:

 

openssl rsa -in original_key_name.key -out new_rsa_key_name.key

 

e.g.    openssl rsa -in lb.key -out rsalb.key

 

I hope that helps anyone else with this problem.

 

Regards

Mark


Viewing all articles
Browse latest Browse all 219257

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>