Hello
I am installing ECE on prem. When uploading my own certificates I get this error. I followed these instructions but I still get the error : Manage security certificates | Elastic Docs
Is there another way to install my certificates?
Best regards
Christophe
Hi @CD9820
Since you are using ECE which is a licensed product you should open a Support ticket, that will be you best path to resolution.
Hello,
I did submit a ticket to support but did not get a reply to date. Asking advice from my peers in the field never hurts I guess.
Anyway, I did some research myself and solved the issue.
Problem: I converted the key to an rsa key with openssl, which uses by default PKCS#8. Apparently ECE requires PKCS#1, so I had to add the ‘–traditional’ parameter in my openssl command to generate a valid ECE rsa key.
Steps:
I generated my own pfx file.
Extract key from pfx: openssl pkcs12 -in ‘file.pfx‘ -nocerts -nodes -out ‘private.key‘
Convert key to valid rsa format: openssl rsa -in ‘private.key‘ -traditional -out ‘private_rsa.key‘
Extract certificate from pfx: openssl pkcs12 -in ‘file.pfx‘ -clcerts -nokeys -out ‘file.crt‘
Extract chain from pfx: openssl pkcs12 -in ‘file.pfx’ -cacerts -nokeys -out ‘chain.crt’
Manually create a file containing: private rsa key - certificate - intermediate - root
After that the uploaded file was accepted by ECE.
Best regards
Christophe
Hi @CD9820
Absolutely, no problem.
We do answer a lot of cert questions here, just not a lot of ECE Questions, since it comes with support, and often not easy to replicae issues.
Yup, makes sense, and thank you for posting your solution
No Answer? 
You should contact your Elastic Account team.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
