Symptom
After populating the fields in the CSR form and clicking the Generate button, the following error is obtained 'The CSR can't be generated at this time. Try again later' and the CSR is not generated.
Environment
SAP SuccessFactors Recruiting Marketing
Reproducing the Issue
- Select Option 1: To obtain and install your SSL (typical)
- Select step 1 : Generate a CSR
- Populate fields in 'Generate Certificate Signing Request' form
- Click on Generate
- Error is obtained : 'The CSR can't be generated at this time. Try again later'
Cause
This error is due to a product limitation. Some characters are currently not supported in the CSR generation tool. They are:
Use of special characters or symbols in the Organization (O) field such as ! @ # $ % ^ * ( ) ~ ? > < / \
(This is documented in the implementation guide)
Note the Organization name does not appear anywhere on the site so particular corporate naming conventions are not relevant and such characters can be removed. Note however that diacritical marks such as ä or é are supported.
Note this is being considered for enhancement in a future release.
Use of a number as first character for the subdomain in the Common Name (CN) or
Note this is being considered for enhancement in a future release.
Resolution
The CSR cannot be generated via the tool for these particular scenarios but customers can use Option 2: To obtain and install an SSL without generating a CSR.
With this option they can generate their own certificate then upload it along with their private key.
As a result, they can still self serve and should not contact Support to get a CSR manually generated.
Keywords
KBA , LOD-SF-RMK-CER , Certificate Renewal, IP Address, Domain , LOD-SF-RMK-CSB , Career Site Builder , Problem