Endpoint Encryption

Hi everyone,

I've been pulling my hair out trying to figure out a solution. I'm running PGP Universal Server 3.0.1. My SSL Certificate expired and I went through the process of generating a new CSR from the server. I know the new SSL certificate can't be imported in because it's in PEM format. I tried using openSSL to convert the certificate to PKCS 12 but I don't know what I'm doing because it's not working. I already deleted the CSR request, so when I go under certificates I don't have any pending. Could anyone be so kind and tell me the openssl command I need to type so I can import this certificate in?

Thanks and I really appreciate any help anyone could give me.

Hi Marc,

When you generate a Certificate Signing Request (CSR) in SEMS, the server will generate a private key that is stored in the database and it will present you a CSR.
The CSR that you have sent to the Certification Authority (CA) contains only the public portion of they key. The same applies to the certificate that you have received back from the CA that was signed by them.
The private portion of the key is kept in the database during the entire process. By deleting the Pending certificate from the server interface you are in effect deleting the private key from the server's database.
You will need to generate a new CSR, ask again the CA to sign the new certificate and then import the signed certificate into SEMS.

In a quick test, this seemed to work:

openssl x509 -in your_signed_certificate.pem

Copy the output, including the lines:
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----

In SEMS, click on the ( + ) button that is in the same line of the CSR, paste the output and click Save.

Rgs,
dcats

DCats. you are the man!! I've been struggling with this for days and this worked perfectly!! Thanks again for your help.