Error: "The certificate file is not valid." when importing a SMS provider certificate AM8.1 - error importing certificate

3 years ago

Originally Published: 2014-12-11

Article Number

000049910

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.1.0
Platform: VMware
Platform (Other): null
O/S Version: ESXi 5.0
Product Name: RSA-0010810
Product Description: RSA-0010810

Issue

Error: "The certificate file is not valid." when importing a SMS provider's certificate

Cause

Incomplete certificate, does not include a valid trusted root.
incorrect certificate format.

Resolution

The SMS vendor's Server certificate will need to be modified on a Windows Vista or newer system. Make sure the Windows system has the latest Microsoft Trusted root certificate list, AND is able to reach the Internet to provision certificates.
Verify the SMS server certificate includes a full path to a trusted root certificate, if it does not, the customer needs to contact the SMS vendor to get all of the certificates in the certification path, as separate files. Install and trust the root into the Windows Trusted root Authority, and also install and trust any intermediate certificates.
Verify the server certificate now shows a full certification path in Windows.

Verify the root certificate can be imported into the Security Console; this is not the actual certificate that is needed, but being able to import it successfully is necessary.

Open the SMS Vendor's Server certificate, under the Details tab select "Copy to File..." .
Choose the format:
Base-64 encoded x.509
and save the modified certificate. Import the modified certificate through the Security Console.

Notes

This has been seen frequently when Clickatell has replaced certificates with ones that use a different (usually stronger) trusted root certificate.

Don't see what you're looking for?

Related Articles

Trending Articles