03-04-2016 04:31 AM
I'm trying to install a new wildcard certificate on a ZD3000 running 18.104.22.168 build 156.
I import the certificate (CRT) and then I'm told I need to import a private key to match. I have a PFX file which I converted to PEM format as the ZD won't accept PFX files but still no luck. I've verified that the cert and private key do match using https://www.sslshopper.com/certificate-key-matcher.html so why doesn't the ZD accept the key? Any ideas?
03-04-2016 04:39 AM
03-04-2016 10:02 AM
Thanks. I managed to sort it.
After exporting the certificate with private keys from the server I then had to convert it to PEM format (PFXFilename.pem) using OpenSSL.
Then I had to extract the certificate only using the command - openssl pkcs12 -in PFXFilename.pfx -clcerts -nokeys -out PFXFilename_cert.pem
I then exported private key only: openssl rsa -in PFXFilename.pem -out PFXFilename.pem_key.pem
That still didn't work, until I edited both files to remove any text before the -----BEGIN CERTIFICATE----- and -----BEGIN RSA PRIVATE KEY----- lines and anythign aftert the -----END CERTIFICATE----- and -----END RSA PRIVATE KEY----- lines
That last bit seemed to be the missing link as only then was I able to import the certificate and key successfully to the controller.
09-15-2022 12:47 PM
I'd appreciate seeing the commands used in this process.
I installed the Ruckus_Wireless_ZoneDirector_SN-321408000091_certificate.crt in my Linux
/usr/share/ca-certificates/ruckus directory and updated my ssh certificates. I haven't
seen any improvement yet. David_Nanon's procedure of uploading the .crt and key to browsers
looks very interesting but the exact steps aren't clear yet. Mind elaborating on the details?