Symptom
- The private key is not accepted when trying to renew the certificate;
- Error when trying to upload the private key;
- Unable to install/import the certificate;
- error : The private key is not valid.
Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.
Environment
SAP SuccessFactors Recruiting Marketing
Reproducing the Issue
- Navigate to Admin Center > Manage Career Site Builder;
- Tools > SSL Certificates;
- Under Option 2 click on Upload SSL Certificate;
- Select "I want to upload an SSL certificate that I obtained using my own CSR." and click on Next;
- Upload the files including the Private Key;
- After pressing the button Submit;
- You will receive an error informing you that the private key is not valid.
Cause
Either the private key is encrypted or it is an RSA private key. Neither are accepted by Career Site Builder.
In order to confirm, open the file that contains the private key and check if there's the prase BEGIN RSA PRIVATE KEY as follows:
or BEGIN ENCRYPTED PRIVATE KEY as follows:
Resolution
RSA private key :
If you have an issue to upload the RSA private key, you can convert that to a standard private key format with openssl (download from here) command. You can execute to the following command to a standard private key as follow:
openssl pkcs8 -topk8 -nocrypt -in rsa_server.key -out without_rsa_server.key
rsa_server.key = private key (the file can be pem or cer)
without_rsa_server.key = the output (the file can be pem or cer)
The file without_rsa_server.key should be used now in CSB.
Encrypted private key:
- Copy the private key file into your OpenSSL directory (or specify the path in the command below).
- Run this command: openssl rsa -in [original.key] -out [new.key]
- Enter the passphrase for the original key when asked.
- The output file [new. key] should now be unencrypted.
See Also
3240107 - Error when uploading SSL Certificate in CSB - Recruiting Marketing
Keywords
SSL, Private Key, RSA, CSB, Error, encrypted, encryption, rmk, certificate, upload , KBA , LOD-SF-RMK-CER , Certificate Renewal, IP Address, Domain , LOD-SF-RMK-CSB , Career Site Builder , Problem
Product
Attachments
Pasted image.png |
Pasted image.png |