[Pki-users] I can not import a server certificate

Alejandro Saure Azcanio asaure at osh.com.mx
Thu Jan 26 21:07:52 UTC 2017 

When I try to import a server certificate from firefox I receive the
following message:

 

This personal certificate can't be installed because you do not own the
corresponding private key which was created when the certificate was
requested.

 

Steps to reproduce the problem
 
Step 1: Generate a certificate request for windows server 2003
 
Create the .inf file. to create the certificate request.

 

;----------------- request.inf -----------------

[Versión]

Signature="$Windows NT$

[NewRequest]

Subject = "CN = < fqdn de DC >"; Reemplazar por el FQDN del controlador de
dominio
KeySpec = 1
KeyLength = 1024
; Puede ser 1024, 2048, 4096, 8192 y 16384.
; Tamaños de clave mayores son más seguros, pero tienen
; un mayor impacto en el rendimiento.
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0

[EnhancedKeyUsageExtension]

OID=1.3.6.1.5.5.7.3.1 ; Esto es para la autenticación de servidor

;-----------------------------------------------

 

Step 2:  Create the request file. To do this, type the following command at
the command prompt, and then press ENTER:

 

certreq -new request.inf request.req                               

 

Step 3: Submit the request to a CA.

 




 

 



 

Step 4: We approve the certificate from the administrator of dog tag

 

Step 5: We click on the retrieve tab then on list certificate then we look
for our certificate and click on the button import your certificate.
 

 
Show us the following message
 

 
How can I solve the problem?

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20170126/0d31e7d3/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 15189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-users/attachments/20170126/0d31e7d3/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.jpg
Type: image/jpeg
Size: 9159 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-users/attachments/20170126/0d31e7d3/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image008.jpg
Type: image/jpeg
Size: 23527 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-users/attachments/20170126/0d31e7d3/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image009.jpg
Type: image/jpeg
Size: 32034 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-users/attachments/20170126/0d31e7d3/attachment-0003.jpg>

More information about the Pki-users mailing list